Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25-01-2024 15:53
General
-
Target
2024-01-25_e7d367c5c4961ac8efaf42489c0ae6c9_mafia.exe
-
Size
479KB
-
MD5
e7d367c5c4961ac8efaf42489c0ae6c9
-
SHA1
9a9a71d03c7f55e2b3c77b73de717bcd593d8184
-
SHA256
3fcb4edce19efdce7b77c1131570490326b9a91f06566b162703c5f54f0aac33
-
SHA512
48c384c9bb2e918b6a37bc7e18389a00d6515b4df226874ffc3ac1a7b12cfb475973e0b49c2039fc9e46465b3872e17187d35ce46307425d1ebeaf2ba6483291
-
SSDEEP
12288:bO4rfItL8HA6DynexxZgIgOKv8/CRIdE9maQGVu75UO:bO4rQtGA6pSIgO1qysQGVuVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_e7d367c5c4961ac8efaf42489c0ae6c9_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_e7d367c5c4961ac8efaf42489c0ae6c9_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4D07.tmp"C:\Users\Admin\AppData\Local\Temp\4D07.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_e7d367c5c4961ac8efaf42489c0ae6c9_mafia.exe B27B74DAA773BA5D18CFAD89328C5BE2C808A25EEB9144E8B13D45DE3DFD9CD1D9C5F69C7FA1E36B0972147D5F3F33DBA4DD63CCEA145B01F4AB7D6E7723103D2⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
\Users\Admin\AppData\Local\Temp\4D07.tmpFilesize
479KB
MD5d817cfaefe03c89734db7b824aff9344
SHA13ef23f8a60303c3a5277cd9ae83895f873d0fbb1
SHA25612e30dcc608e9d60d069fa079e165f06b0d0c09bc5ee7c8615c9b19324efb85f
SHA512e91fade4ac373dd544d91f97cafdd73d7645309a8b36a436247b8b46ce8c72fc6adcc1f18059f02dbdab19da76c11d556d737eccf0117300ae359feb3e6cf717