Analysis
-
max time kernel
119s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25-01-2024 01:26
General
-
Target
2024-01-25_3dcf83479443fd450a07af6591dd4c6e_mafia.exe
-
Size
443KB
-
MD5
3dcf83479443fd450a07af6591dd4c6e
-
SHA1
52c5c4d369cfccbb8703fec69ccfe43de3a7a5d1
-
SHA256
562d5af321b782f9daa8c4195ab5b28b4cec21ce04f608fdb16e3f36c0ed1d41
-
SHA512
8a97d0295242d944e02b985984faeed7482d26c96a64cc9cf2a64844e94b9f84948733faeab66b105d6446e7f01591fec44261e50def0630252f379a3ad0023c
-
SSDEEP
12288:Wq4w/ekieZgU67OE8H5+GZ35yoKaigGt7trJqKuNg3qzqnlMa:Wq4w/ekieH6abZ+QyoKWGt72KQg3qenP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_3dcf83479443fd450a07af6591dd4c6e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_3dcf83479443fd450a07af6591dd4c6e_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\61FE.tmp"C:\Users\Admin\AppData\Local\Temp\61FE.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_3dcf83479443fd450a07af6591dd4c6e_mafia.exe 2F33AC74A56DC91D37D204472D44805A29294E0E49714256446BDC48C7CB4EC7B142E935077659566B135069C9F6CC0616400B409F7342D1D4799EA04D9AFBCA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD55f55f9b52bc20909a3a97818ec34f8ed
SHA149434d023688c27b2f8f10f9c74bfcf9c221e10e
SHA256e925d02601b7a9b34ff0a1a860c59d6b895a428c88ca694b7b0ad9eed117f22b
SHA51212275448c9de68337a1b1346b6f813e5dc2ee169d385d6ccad5ea97f1c74b276f567644bac4573cd19757d6a8933ac48000ef06acffebd773c6cdaa85757d5e2