Analysis
-
max time kernel
119s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25-01-2024 15:47
General
-
Target
2024-01-25_b463b557f99d15b7c8001004aac37d70_mafia.exe
-
Size
384KB
-
MD5
b463b557f99d15b7c8001004aac37d70
-
SHA1
989ffbc8efdb855d70bf745daa7f58c8d2c02b16
-
SHA256
7265e2d8349169db79d361c635a9c57693ae9f2856a27760d15d8988d188f303
-
SHA512
617d19425b5d6bb1a7d617fff8de0a99cc39d1ca78a2a1239a7dbf0e9ae43c80e3dacae5f9becfd4182b9b2551ba5e4d98e183e4c3e0f2ac3462f50d5dc80e7f
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHa6y7AYU5+17YSL1aV35Tvh0Ig4phJZ:Zm48gODxbzP0A3mESL1upTWLCPZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_b463b557f99d15b7c8001004aac37d70_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_b463b557f99d15b7c8001004aac37d70_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2EED.tmp"C:\Users\Admin\AppData\Local\Temp\2EED.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-25_b463b557f99d15b7c8001004aac37d70_mafia.exe 2EB27164CE2C6FDE3015DAE94679BF0B6C4858E4BF7C188933593503E9E48BBBF92888F3FC3957F68735A5BFE9940B34FC01E6C60A5E37F93FF40E30DA178E6B2⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
\Users\Admin\AppData\Local\Temp\2EED.tmpFilesize
384KB
MD596463623a2728da45c10387908c35263
SHA196e43afc749c1908e1096b25ed84e6dfc85ebb02
SHA2562448c319641b51c3ab21af1fb063ea81d10fe1728ca05fe94b7ac3aedfa0057a
SHA512e551d8fed453a83905a772441fdaa60d1582a87062008888e0843ccaf6edfd75f5a16659dca86534fa55f97889d92e6258d555334f6ca98a1ef64a00b5a8516d