Analysis
-
max time kernel
122s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
25-01-2024 17:32
General
-
Target
2024-01-25_8bda594e8bace24782556d903a9b4818_mafia.exe
-
Size
433KB
-
MD5
8bda594e8bace24782556d903a9b4818
-
SHA1
bf7dc7426430536caca847f23662fcd0928577c2
-
SHA256
508f99c09bb8caf08846b21e3d6feb1c12defce64e892f90c7a2d83025632de6
-
SHA512
4a953970a8737959db575b4c544d52c63653a44090c47c495da42f554b168fba765accb63d359a73bf40d8fdc79fa7d82595380368684f7c0e2e0c36ceeaee5f
-
SSDEEP
12288:Ci4g+yU+0pAiv+0BSAnIbkZKAVJtAEvqNkYPRppsNDOkzn:Ci4gXn0pD+bctS7ieqQm
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_8bda594e8bace24782556d903a9b4818_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_8bda594e8bace24782556d903a9b4818_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\86A.tmp"C:\Users\Admin\AppData\Local\Temp\86A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_8bda594e8bace24782556d903a9b4818_mafia.exe 1AF23D484F76BDB6B191EA5D003002D007D4D0BBD175F6FD93D9B06DE1943BA09A4FC911C7AE2DD32A1518B4601F5A30C2FFE533994A79EA744F554E1A9C74A92⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD51c038247e53a9ef32717981dc989f9d8
SHA1eddf9a4d30dec6472021280e284763df6ef93e2e
SHA25658c5e82079c262f08389a3704b462abeac39fc40ebea1a5af770d00c9fbd377f
SHA512773ddf40e6866ab916a03ea5a6f16499534bcab6330adb23512c422c946305cb0729818b0338a508504bf568880ed9e735a3adc9c79a98af92b08081f4ca4ad6