Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
25-01-2024 05:27
General
-
Target
2024-01-25_2c82538fe241c05a76cbbd4a3f54dbeb_mafia.exe
-
Size
428KB
-
MD5
2c82538fe241c05a76cbbd4a3f54dbeb
-
SHA1
311b9abede85212dbbe2749c6d0938cd3a1d310c
-
SHA256
978efff90293eb2677a3b82206168ae5ade9d6f90797ed5535c3574be7b522eb
-
SHA512
3280aa829977af4358488300ce787c4dfa55faf8a004d9b2ee3e131747b2456bc4c4bd37427be68f1c963e91324b3191cf4cc0423d1f6abc4853eac76760caab
-
SSDEEP
12288:Z594+AcL4tBekiuKzEr4G69XDaQlTYPWuFe+aQLWKzVl:BL4tBekiuVroZDxL9qLfZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_2c82538fe241c05a76cbbd4a3f54dbeb_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_2c82538fe241c05a76cbbd4a3f54dbeb_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\12B6.tmp"C:\Users\Admin\AppData\Local\Temp\12B6.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_2c82538fe241c05a76cbbd4a3f54dbeb_mafia.exe CD047EDE27429331F02A90B74222A8A549DB38BFCF45EAC9F66CC8FBA18E4E044E328332BDCCD7DE0751CF1D396294FEA020BFB9B8ACA6ABB3C79F33879173F02⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD581f29637da3ade93d208d9eb32d4921f
SHA149b0066001b09e302ff0c77ba8d03e483ad3931b
SHA256ba3ef4441f69ada4edec8e3a17ba3250b358ba9224c12a14c3ed011b59a75d62
SHA5121e6236669641c4e151b384e261cb329cb4ce01d091e45f48df3087940fc337d2eae7dbcfbc0c31e62a44f3a2c51e44ec49024f8855eea74f6260df3694a125d5