Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
27-01-2024 21:34
General
-
Target
2024-01-27_93c9089e1549dcc655a32f2af0d0be1d_mafia.exe
-
Size
444KB
-
MD5
93c9089e1549dcc655a32f2af0d0be1d
-
SHA1
4976cfcd9123864b6157cb8661b385231b721c92
-
SHA256
6724bd401b601688d71ea09ccbbd488bd30ac583a76793b66897aeb4292034b0
-
SHA512
f2299df5469d32726043ccbadc23d71c27aafe3f5bc1d36328bc24e4c807cbba639e48fe16f0e185fde8fbfdd0a61f51ab6b7db20d89531697298b8af40fb46a
-
SSDEEP
12288:Nb4bZudi79L38Pgb9mzIejWAi8IfxGGedU44A:Nb4bcdkL3h0zZmve2
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-27_93c9089e1549dcc655a32f2af0d0be1d_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-27_93c9089e1549dcc655a32f2af0d0be1d_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2452.tmp"C:\Users\Admin\AppData\Local\Temp\2452.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-27_93c9089e1549dcc655a32f2af0d0be1d_mafia.exe 9C55BEEF95D770D3BBF69BA9A8305199A5D006744DAFE1EA5706CAD67D99A6346E09AC3267C4C3088A82A892E3F5E577C3EA4BA44E0659B41C37C63511AB0D152⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD5fd890d9edbc4612428b3aa756e98f545
SHA19b518ca01169d8477a6baffc4fa8d64905563e7c
SHA256dd366602b1bc9f0371c2f55735d9d827d2268a964a9bb62c344cc8e63efd0bd3
SHA5129d24a42609f62ba709ac7f1bcd220f9f4646f89954765f9726ab206210ee91c9d50d051423739aacd9f5802923904274f93bbef29909dc763a8c9a44ef59565f