Analysis
-
max time kernel
122s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25/01/2024, 13:24
General
-
Target
2024-01-25_3984df6a1cf2a33e1a666761ffacc3cc_mafia.exe
-
Size
486KB
-
MD5
3984df6a1cf2a33e1a666761ffacc3cc
-
SHA1
2a433fbe75a58ee9f0527fa6215bff29a9677e81
-
SHA256
0a9500d9c5d70dee3141c8a7c58ff6b3993f70a1be4602f76b06f7f219c9907c
-
SHA512
7d25b99bf3ef151c54c161a604017dbbaf535fe72eb15efa819954c86479bb4d3d20e4715e06079b8ee0920a6f1785ae753ac6c5895f7f0d7e68c106e730743b
-
SSDEEP
12288:3O4rfItL8HP7cxlOkyfgdOW3/exCWG6Pu77anjfIZ7rKxUYXhW:3O4rQtGP7AcRs2Pu72njY3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_3984df6a1cf2a33e1a666761ffacc3cc_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_3984df6a1cf2a33e1a666761ffacc3cc_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3F32.tmp"C:\Users\Admin\AppData\Local\Temp\3F32.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_3984df6a1cf2a33e1a666761ffacc3cc_mafia.exe 974FDB9A33B45F9D4161D5AF2D2332EDCFFED0BA26D0F5C31956ACD5ECBE46ED87712E242C629AA8490387C80DCDC70996535706527D1FCD82BAFAD892EC06482⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD57b3d2fcbdb23d47458f05590ca21f7aa
SHA103ffc29391b18ee4c4bb26477e7b1296823010b3
SHA25649f2c85589f2955098144fc1056299e210cac16edaa37f644bcab4a3d59b4191
SHA51236a4de456e9466aaf4f45aaf85c07244de1e5487b18d3d1cc737d1053f98e9115509a77d36b718ef082a71a4e9a9e5dc3dabdbfea9b7c6dc5adb10d84c52cc94