Analysis
-
max time kernel
120s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
24-01-2024 20:27
General
-
Target
2024-01-24_a38cb32481b83b250297cceb2a65d459_mafia.exe
-
Size
433KB
-
MD5
a38cb32481b83b250297cceb2a65d459
-
SHA1
4b763ce0edb710a18fe49cf5f5597cc9d3039435
-
SHA256
dc8e175fc48e82bb6dbafbd7da3f48e478fe360fe2f36c2535e28effcc7d743e
-
SHA512
7c02c79ebd1b7d4af89cfe98a584f9e6aadee1a3918b85a10af8c9e8f71ce0da1aa43deefe1c19d9541a0c181fc087fd092f9bcba79805706bf3b712a743232c
-
SSDEEP
12288:Ci4g+yU+0pAiv+x4BFlrOEhRcZZaJ4k58gn:Ci4gXn0pD+SBFlr9hRIoJF3
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-24_a38cb32481b83b250297cceb2a65d459_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-24_a38cb32481b83b250297cceb2a65d459_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5937.tmp"C:\Users\Admin\AppData\Local\Temp\5937.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-24_a38cb32481b83b250297cceb2a65d459_mafia.exe 58A834F1C76A71DC90B66B92AE401CD0489CB78FC1AA2C13B079F3BC6F43E71193FD10D45AC1DDAE4BF689284B5F3BA42B9FA4F8C66700B3246B70A280C678C82⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5017651dddbce37bce73f9a3d08a983c2
SHA1847295e759369a8598ae426304c7f3b378102ac4
SHA256fe851aa1ca9bfddfdacd82bf06d222cd67b4d325321c7c225912fb4b553d3808
SHA512456c17a356ca77169c214c8a63757eb09f3f2e1c18fc1650d26a5f591d78f7505212f6ee7081dc4334823a26a5bf19b591454dd22e289c65cca9941b2536409f