Analysis
-
max time kernel
122s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
27/01/2024, 22:24
General
-
Target
2024-01-27_3876c4972bfb1cf1a9c51cf259ee04b0_mafia.exe
-
Size
468KB
-
MD5
3876c4972bfb1cf1a9c51cf259ee04b0
-
SHA1
817e84aab2a7e09322dac444e71bb06d09a7950b
-
SHA256
46d0af52407367eed0599b9146fc97f4dd80961a2102bcab534eb548121575bb
-
SHA512
e29bd5116f9e7f3eb10487e27f33e45cd5502a6d986e0ccf8a10353fa887b7b8310f4c1e42b2c0afa5439a2053db305dbacbc50b8711a039c76e06e17ce6080a
-
SSDEEP
12288:qO4rfItL8HGeqNK6cstabgPAiy95Xf9suCxIf7bWmeEVGL:qO4rQtGGTKKygP5y9JyIfumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-27_3876c4972bfb1cf1a9c51cf259ee04b0_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-27_3876c4972bfb1cf1a9c51cf259ee04b0_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\933B.tmp"C:\Users\Admin\AppData\Local\Temp\933B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-27_3876c4972bfb1cf1a9c51cf259ee04b0_mafia.exe C62CCAF61C50C2E28BE70E39C86CF24E6FD5A81DF68ED0F070810742D3A50207AB577CFCDFFBCC7B665CBF1687285C67BA752501DBF4A50F47CE543B0FAAD4292⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD50c2d83b1ae3bd56e10d83a057f2c0f9c
SHA1908e2dd1c9d7a28a1444c005735b158186b29fa9
SHA256001c6d742fc8d1d9d8ae733d19c3ef904c01703b78ae7a6470fc164e855be717
SHA51273e790c324bb1ecf6747be541f95aa2e24d78efd58db58760fcce38b2536201d60a8b4edee50f2494455ccb4adc20120678ddac76a371669f185f141a23e79ec