Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
24/01/2024, 05:29
General
-
Target
2024-01-24_60c3277e7f6840a0f6e8c9f28c05efbe_mafia.exe
-
Size
479KB
-
MD5
60c3277e7f6840a0f6e8c9f28c05efbe
-
SHA1
7f7397ba5e2f9bea1bbdc8594553a7ce6bdb07f3
-
SHA256
55a4bd175b1c34ae9208b4bbe5b6a7841a8cfa50ad9456e1f723e8eddf7b4f42
-
SHA512
e9d37c8adbea9aa2119010d9b2b113702a74bb382dc98333b80ea5bb34f689b27c9c494d6c4650a464c1eae3cfc1137cc38f3e715f194bbf4ad1065e13ba1861
-
SSDEEP
12288:bO4rfItL8HAvUpShgLcedti0VrMvY3BJ75UO:bO4rQtGAvUjHVaaBJVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-24_60c3277e7f6840a0f6e8c9f28c05efbe_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-24_60c3277e7f6840a0f6e8c9f28c05efbe_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\841E.tmp"C:\Users\Admin\AppData\Local\Temp\841E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-24_60c3277e7f6840a0f6e8c9f28c05efbe_mafia.exe DABBA8635A72AE270303917447146EAEC04AE23D3DCD4CBB4390CA9DB086B9DE8DE5365CB34C8F2E9AD511DC55995FE377363595ABB115601E6D2350EBD1B4E32⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5f3f8eb370bedf0651f9109957e390445
SHA11d71aea7dc9d0ce62ebc17404941199265de6935
SHA2563c283a957cfdf5d9d5927671765f9ed1350c6e4ccb48f319eb4beaf8526d9e78
SHA512791c35fc0e464ffd72384b7c90c6d3d93152efbcf15e981be8ec2539adc38e547e8c282ba34ec56da3db66a425b59dcc96c02f323563aee185c50d7a784ca7d7