Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25-01-2024 15:33
General
-
Target
2024-01-25_558b58667052f577b887991136c7180f_mafia.exe
-
Size
384KB
-
MD5
558b58667052f577b887991136c7180f
-
SHA1
2e41b26e351763b43142093acbdd756bace20134
-
SHA256
19034176249967b97e2fd19b7920e4ab4f7972e08979f898d5e44fc29d4ee1f9
-
SHA512
b908fac52e49e98f958e6c784db4453c6462177040e3f5e8dc59107a716230f0a7ea9b753b40306e9c63545279eeeb958333fe0cf24e56c10c1c7273f3685d9f
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHue8qnhRU5gyAk6F3oVcBwvnNeBQsZCZ:Zm48gODxbz0e8qhq5/6GmMMuZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_558b58667052f577b887991136c7180f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_558b58667052f577b887991136c7180f_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2E22.tmp"C:\Users\Admin\AppData\Local\Temp\2E22.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-25_558b58667052f577b887991136c7180f_mafia.exe D0208333F03B3A78BA3A2E9763F1AD4103EF6422E063BB2BE0D2D2D8DD179C94E46174D38E920DEA93DFE90F94B014E6A9F2318A250D7E2BA374BBA2488BCAFC2⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
\Users\Admin\AppData\Local\Temp\2E22.tmpFilesize
384KB
MD5b2411a2374e9fa39abf88b91e438e742
SHA1b00dba20cdf4204250c98516c009c2b7e70460f5
SHA25630ad9f395416d66b491030022602837f1567ecd04b62ddccf3ad468337d9b3d4
SHA51242a1fd3cb34234011f580285a162656e246195406c0a1512680c522cac1b07fc00c5edebf9cd79d98757ab53a1647ce560e047227cf284f58da302f72fc0367f