Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25-01-2024 15:38
General
-
Target
2024-01-25_7ef1c6c1868a0543a2b4b2244d228aba_mafia.exe
-
Size
479KB
-
MD5
7ef1c6c1868a0543a2b4b2244d228aba
-
SHA1
920181badb77e14884e551cba813d96da56f6010
-
SHA256
2b8b9b07e0e6ee074f6f4f9bb8bab7ba81fd5da22834618df8af13124c28816c
-
SHA512
4f45cb93af92049d6aef9a21382f5ddcda70da368c14a7c2327eba3a661b9a0736a98030a702526922d9cc214c785bbe1791c616cce0c1dd81f3dfd1ba1e961f
-
SSDEEP
12288:bO4rfItL8HA5tetqlOJSExTtJq3wnW37JlgUaa75UO:bO4rQtGA5VOpTMh37LgUaaVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_7ef1c6c1868a0543a2b4b2244d228aba_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_7ef1c6c1868a0543a2b4b2244d228aba_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3F70.tmp"C:\Users\Admin\AppData\Local\Temp\3F70.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_7ef1c6c1868a0543a2b4b2244d228aba_mafia.exe E6FB2A6738918FFB0F1AF7B72D9635BA6EDCECBEF7D4E2A6A8160ED9344B753E45198B4EF95BFCA616E8491AE4AA5B0696C2D1008D8A0368639FF0B123B156C82⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
\Users\Admin\AppData\Local\Temp\3F70.tmpFilesize
479KB
MD51ad1154b64134c8ad6eca235bfb24b46
SHA1c44c504be8abf6241ae12a5f87434c5f66437086
SHA256bfb14f11d0043159bdb3afdb096555f8da15cadba180f626f61377978bfa6067
SHA512b9ffa05ff6a12c2785eb07351a22f3b9ce804f72fb81c36958c8b3418d58674242a735ba5ea0a0a5ca78be869fd3251f23736131e464c94ddbf61af8d48b1c80