Analysis
-
max time kernel
120s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
26/01/2024, 17:24
General
-
Target
2024-01-26_1f514917620688452b1a9f54f5310fb8_mafia.exe
-
Size
384KB
-
MD5
1f514917620688452b1a9f54f5310fb8
-
SHA1
954e69bf2becb34879cd9da51057e415803e5a8b
-
SHA256
530b83bea7ce8a057018be82adec2a118f0bb9d14e355787b6ae7126fbe5e141
-
SHA512
8dd791c9cc600ed98330e3e0e35bd339f7c2c221d7f983dce00e67ccd2ca14e1431c871a4b112ffad753bffb869574caf2fe0cc5816820359b3b583fa6e4f570
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHzrEajQmqjOLhNc9ipHzVC+ISNHYcT+c6wCNc2Z:Zm48gODxbzpnj3qT9iF5CfSsciNc2Z
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-26_1f514917620688452b1a9f54f5310fb8_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-26_1f514917620688452b1a9f54f5310fb8_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\35DF.tmp"C:\Users\Admin\AppData\Local\Temp\35DF.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-26_1f514917620688452b1a9f54f5310fb8_mafia.exe 41A736920840F47EFEC40A3C9F6403CC32E8D7EDC9280D4E99B92DCF71EB2FD2C2A694D50E39C4A44869521430E394138D4743C39BEEFF69EBA8CF3366C45FD12⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD52aff0d78c78f1da584678784670a347f
SHA1096c213c744c8da2a4ba30c679351ade4dcc1ff3
SHA2563428355d2cc68afad51408a261a3da9e158738cac50e2dce69dcdfa2c2ba1687
SHA5121f01371cb39140a5e37a6703783f88f2e19dca9b3da5376f5bfff116fb2799cf64cdf33b8d2a256d191344317fa5fa062b47fd53844ecd08fa5f9ca473dfa327