Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25-01-2024 17:27
General
-
Target
2024-01-25_4cc96a64340b5ab3c48e61d2d2de632b_mafia.exe
-
Size
443KB
-
MD5
4cc96a64340b5ab3c48e61d2d2de632b
-
SHA1
cd285ea1c2b8d6bf3f788e3437bdcc3de804f19f
-
SHA256
67d8f5708d32644993611385def901f1f36e57eeaf930a874a6480f87f236d0d
-
SHA512
0fc73cbbc39753b32acb4baa31c8a5e80604f2111bf691b03e8d9e17e2f9da3bf1ddffd70cb5e6f30129a43e4642aeb1e07da1458d30a14eb00e42ff73d22bca
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BY9K9Llyjuyh/TnD0SVXyT6JKDz1RrgM6wHPhnlV:Wq4w/ekieZgU6MM4aiATMmmwxlMa
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_4cc96a64340b5ab3c48e61d2d2de632b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_4cc96a64340b5ab3c48e61d2d2de632b_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\E05.tmp"C:\Users\Admin\AppData\Local\Temp\E05.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_4cc96a64340b5ab3c48e61d2d2de632b_mafia.exe 5EEB862321A2E0F0EE68E12DBB2EA33484DB1AF4DB8731D18D7EBE0DC72FA04C2651408FE8E4216FD033BA9EE9F71E4EE8928E55B8CF5AFE66CC96E179A11E7B2⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\E05.tmpFilesize
443KB
MD552f4169959c717d1fb4f95925d08b383
SHA12d90228901fbbb5a68458be971272e93ef3adf9f
SHA25665fdbeac142aebc62e6f74b51ab7919fc662cb787ac0b61a3e04580773a55177
SHA5124ee4a6d2de54547956ec7c0869042016af251ff312fabfb3c2f32e169b4b8afa5fec93c49f33dd977883773e0532382ed6fd84b0b47f402f4909b1b7dd5a9124