Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
22-01-2024 15:37
General
-
Target
2024-01-22_f6c462cd2f129bd85e7c08c4e1030ac4_mafia.exe
-
Size
479KB
-
MD5
f6c462cd2f129bd85e7c08c4e1030ac4
-
SHA1
2463506bfbf15ef69c264566c899ba21a8ef434d
-
SHA256
dd0d10f2553f44b74b709b44d7b347f827919b34a118842d3b1ebbd01103a58a
-
SHA512
46f11d0c0262625216958fc5309e624fd8db60c3814fa24bc53b828c46cc1c8fe6666a61e9d2debbbf2ea5ddac9e28ceb49796a60ba97b8b3ce28d6e0b427cdb
-
SSDEEP
12288:bO4rfItL8HAOnG7yyzdlpyPyhZ3ctXv63mkD0Hoe75UO:bO4rQtGAOnJy56Pyr3gmm0gVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-22_f6c462cd2f129bd85e7c08c4e1030ac4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-22_f6c462cd2f129bd85e7c08c4e1030ac4_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\47BA.tmp"C:\Users\Admin\AppData\Local\Temp\47BA.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-22_f6c462cd2f129bd85e7c08c4e1030ac4_mafia.exe B479386372881BD7AA1DDC9BE0012EDDE7D3E3821CC45EDAC973A5D95D4343A823D2BB3DD3CDBA104C52E69D048EE9F17547DBAE5AE9676D543F1BD21EFDC7062⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5b6025be9d6154c3977bcd5ff92762e3a
SHA1746f05f5ee7643b0757729eb6417dfda8c3acbe2
SHA2568106046846ddef41bcc8d2f660decdd80df8f5d6ef27e83f0a28de7f6421d113
SHA5126e9a4407ab5c274734ac926c09692baa9428b65818ac6bad864b902255717e9947e9d65e3f0b58a318c65086ec949e8eb5de26d61dad41f7c09574b040aed878