Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
24/01/2024, 11:23
General
-
Target
2024-01-24_182c3627bc0f2039cbbe8678d11e2188_mafia.exe
-
Size
384KB
-
MD5
182c3627bc0f2039cbbe8678d11e2188
-
SHA1
6d3725f23e7719ca7ef2923c5345abbd65eac9a8
-
SHA256
33cbf4ff66e882cccc7a1a325c1890e55e1da62463967d0a1694bbe6f061614c
-
SHA512
a3f3ffa0884c4531324d377bde6d6ed44f8b77cab01875e6f125b7769c7275065ffc1426bea49cbb214c5c11e31ce364703803972d54e8aa6fb936ebd37674e4
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHgZefoUk4zrWlsOLtd3f5L/uoet5Z:Zm48gODxbzqN5sed/bSZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-24_182c3627bc0f2039cbbe8678d11e2188_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-24_182c3627bc0f2039cbbe8678d11e2188_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\15E1.tmp"C:\Users\Admin\AppData\Local\Temp\15E1.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-24_182c3627bc0f2039cbbe8678d11e2188_mafia.exe D00F01E4AE62FBE609D2769D0B39BE3E3404C5AA1F3A49C1E9219CE48C17A10419518C390E0D57361FC6FF0B1ABCE0F358E658E9BE48372CE8D078ABEDCA34682⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD51c2b565f0ed603fbb3336b54a67bf0f8
SHA1d03bc712331b79304e93fa6e1bd97bff4d0a71db
SHA256801bdf5a90a97c123c1c7cd86bc98b6c5eab98c256f0b3b755d7948ee1c9e2e7
SHA512d3e4e4f0e7a24fc9749983a1b3f21723d725313afadc855c1534dbc8e0855d1938b72f19a9969a393f7246706945ccafbf2a1c03d0717737d9f4e640951b74e2