Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
27-01-2024 00:39
General
-
Target
2024-01-27_c59956f0b6b9a1318e84acb1fe49917b_mafia.exe
-
Size
428KB
-
MD5
c59956f0b6b9a1318e84acb1fe49917b
-
SHA1
067d085dc7cda0c4477d1404e0fd6907f3b68613
-
SHA256
794c837d561475fd3c8970f4dbca24991e21c8c04d4b10b829bc980a8f0e42f3
-
SHA512
65885bf1cd59e7b751ed9ad7c66abd9995275413c25fa40041c0e6022fa37d8b5089541f5c6099f847bfe0a12398d4069b4dd2f61abfe049e10cae3539b5cded
-
SSDEEP
12288:Z594+AcL4tBekiuKzErpOin5IqKndQ0IJl:BL4tBekiuVrMi5Iq+S0W
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-27_c59956f0b6b9a1318e84acb1fe49917b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-27_c59956f0b6b9a1318e84acb1fe49917b_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\E53.tmp"C:\Users\Admin\AppData\Local\Temp\E53.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-27_c59956f0b6b9a1318e84acb1fe49917b_mafia.exe 27DFD5F37A7EFB077FA53FD4C089D6E3E2513A0D2C9BE7C5C68D0A1CCDA510A0C80B10518C2D9A2CD3D02B3065C4DFFB5B02849A4C90EA56286FFEC4B2304D292⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD55efe66d615f28578170cc3d836fc50fe
SHA1ba75e533882b214e8f56743bc27114f4c2317e95
SHA256866ac21f82ebca4edf2a060f3bda6c4828e8f0e07a7b2f4c42d71e01ebc5b32d
SHA512538db1aa68505bb0bd9626d514e71c16d224fc98ca899dba9024e63677c16465ab4840f74f0973e3f21451966b9bb07f7b8fc8ed6d02d7b814f88e250bf96e52