Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25-01-2024 17:30
General
-
Target
2024-01-25_70fe617b03dc1e4caeb0d8dbc849e462_mafia.exe
-
Size
433KB
-
MD5
70fe617b03dc1e4caeb0d8dbc849e462
-
SHA1
5c212d35f056abdf9c7aa8c24c5c74492cc8548b
-
SHA256
7a99f0c0ec705e98ef4f26fd305aac699fda7cbf91dbcd33439e19d5cd7238e5
-
SHA512
209b99b6a649e8579a35ac8e58cd6c81877c10182e51c26c299f571dccf2032f60c8fd69ba093a4e1da341bc196b5bc0c3cf07a680d7e00f628186eb36acc636
-
SSDEEP
12288:Ci4g+yU+0pAiv+cdtpLG1i36t/PGJqMEDNmNQn:Ci4gXn0pD+D//PGET8Q
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_70fe617b03dc1e4caeb0d8dbc849e462_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_70fe617b03dc1e4caeb0d8dbc849e462_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\B18.tmp"C:\Users\Admin\AppData\Local\Temp\B18.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_70fe617b03dc1e4caeb0d8dbc849e462_mafia.exe 78A6A5BFE588B1814D847B43DC832C7B4DB01A68544349D001D90C5CAB697CF70EB18CF183064FC67D3D3EB8078AF5CCD0675CB998FE632768D951E49774DC222⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD57b7baccc82559efec476395c0b0154d5
SHA148096f32e9b0b589faac3d02355c102a332af29a
SHA2564f8ed7f75570f2a105822881f7b410022d901a47c730913ebe7ae5398e57a836
SHA512bb985c13e1003c85b10da9ffb7672a2e4143f3ef7977f2f44d1fa7d5895f1ecd1dbef574d92dece26b241e158e7d334200d8f39606c595b6dbd93f91d8c2ddd3