Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
26-01-2024 00:45
General
-
Target
2024-01-26_2da6bb545cd3b5a4c5f57a5b346a5c16_mafia.exe
-
Size
444KB
-
MD5
2da6bb545cd3b5a4c5f57a5b346a5c16
-
SHA1
94b2f7b4067d2ce50ce3579821c856172aa44b1e
-
SHA256
460a9ede72e1bc512e1be9b4639f00b08f7e93b43ebc8c92c0a2f51f2b477794
-
SHA512
83c2f0018579b716a2237eb6dad2feab53b10a2619dfb21501cdd8538c8112fc187e4e434b5eb1f7fb0559e36cef3c9f94af1c341a907d377300d0f9821dde8f
-
SSDEEP
12288:Nb4bZudi79LKy19TyXFl4ryFER9IUbZoBA:Nb4bcdkLKy7UFAyF49I8
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-26_2da6bb545cd3b5a4c5f57a5b346a5c16_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-26_2da6bb545cd3b5a4c5f57a5b346a5c16_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\982.tmp"C:\Users\Admin\AppData\Local\Temp\982.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-26_2da6bb545cd3b5a4c5f57a5b346a5c16_mafia.exe 459726880BE0D5AAFB7CD8242F95F829EF37F0372925495BA9BE432532F1048999AB92876EB04F92F8A5594073C0307740951D76AF4D3F600A9053F50594BDB82⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD58c71fff7c01b322c592b790398b977c7
SHA1c9eb992fb578d5c27afe2c520b759c9ea755d1f9
SHA256f2cb3a7d31e5738c958c2b3a49f5499a11f1c0358eb09a400138b34bf6406bee
SHA512227c571434395ad02bda31d0efd07a92121d6e0761cd6fa4dd4e81c85acf7b1edd4334ca2f5a3f2b692b7e3d69d53ed4bee52245443e37ce78dc175ea6a1af86