Analysis
-
max time kernel
118s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
24-01-2024 05:41
General
-
Target
2024-01-24_e3dc229d3421e7f0d997782cb402c108_mafia.exe
-
Size
486KB
-
MD5
e3dc229d3421e7f0d997782cb402c108
-
SHA1
e95877b3bc86dedcdc4b25a338b2655fd32c1124
-
SHA256
fabb04d6c41b9e94836ab4499a257a681155b87d370418284aff6dd6e04e9e2c
-
SHA512
b5452ab2db4845fa76b1f5893acf755dd948f27a504aea3f04d56af727e2e58fd35d747325d1b4a85b3279e8a1faaca9a4dc5709943368efce056245a57fdcbf
-
SSDEEP
12288:3O4rfItL8HPepPR0dB7jWg5szTV9xPrl17rKxUYXhW:3O4rQtGPkZ07f5svV9x513KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-24_e3dc229d3421e7f0d997782cb402c108_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-24_e3dc229d3421e7f0d997782cb402c108_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4B33.tmp"C:\Users\Admin\AppData\Local\Temp\4B33.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-24_e3dc229d3421e7f0d997782cb402c108_mafia.exe A1A8F4CE28D8638A8ACBE3E19860CB8B7A7D715402B1027710D9598B874AA0B83436CD107C7DCC00104DFE7731DC6C3568C9072165A4ED15B78695604D3F4BF92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5488c1d8e761cb895cc1d797f191fc174
SHA15b2415ab4883e54b1643ed2c25da27f2cd892d19
SHA256830d40456ef8d05eaf48c636ba671df7bb7d499aad05c55cd2c85a696ca4c584
SHA512dcb6df6fc78951b6e4d3648ae642552d31d7d9bc7766cbee14ffbcbc762df1c7cca4ee9e7d8ed95ebdcd45418969bae5a9528469319051f9845bd4a926daf284