Analysis
-
max time kernel
122s -
max time network
132s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
18/01/2024, 13:42
General
-
Target
2024-01-18_acfdfbfcdc7de55ba90662854b2dbaff_mafia.exe
-
Size
384KB
-
MD5
acfdfbfcdc7de55ba90662854b2dbaff
-
SHA1
82f83cf1dcd2cc5dd4c1bdeb9f0d36274671d816
-
SHA256
e262ec71c7051a1cbff5fcddfd6ff3b25524583b8c116ebe39303d491865e39b
-
SHA512
5d6f3356cff6f62e2fffbc33a2d8295e90005474373e52ae8c0d470a3cc819ce4539c77320499ad6525fdefd0580ea463fd3e81850c83efca451b31f9a371732
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hH0Q7LHifxxr1O+9HQfW4nVcSnvQW+QwZ:Zm48gODxbzriplQgj4nVhvP+QwZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_acfdfbfcdc7de55ba90662854b2dbaff_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_acfdfbfcdc7de55ba90662854b2dbaff_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5B69.tmp"C:\Users\Admin\AppData\Local\Temp\5B69.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-18_acfdfbfcdc7de55ba90662854b2dbaff_mafia.exe 8E15C8F0ADD2CBB48AC14860815352FE06A2FC5AA701944ED6E82B258C2200042C1D93FA7558CB37180E0D1BFCB1FD6250534390F421BC220DA4274094D2E06B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5dc5dc80759e95e6bad050e3b89079afc
SHA1945f2bfad11678cd502d8a7f0e7a4cbad78cc984
SHA2563524a5f354f92203deb7dfb56c5ce4f44f5bc26e278d15391990e8bf4ca33b5b
SHA51278a221d43a32046d783a3156e55853ad644297df149ac55023910e0d311df24391ee9a0e1380d6a7314e31cc2cd1cb1d86cbd3162a1ef0107a8717b804836edd