Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
28-01-2024 23:22
General
-
Target
2024-01-28_0e686e4a8b4ca33392f825d72fd6d8a3_mafia.exe
-
Size
443KB
-
MD5
0e686e4a8b4ca33392f825d72fd6d8a3
-
SHA1
715a3acd2192119c29760dcdaf4d6d1ec70a33c3
-
SHA256
3b276a66e8bcea4e770cbc90d9b96584eb40c0334da8b92b8c797bf021c77477
-
SHA512
534a2b62dbb3cdf705c2a05f70de660c177a520370b9fc2383e997d711a0b51de70337dc99f402a3a929d7e28fa5e35a0f1a3b1536f14d8eb36bf81818bd7790
-
SSDEEP
12288:Wq4w/ekieZgU6FuVFNda6/0zrPKxJoWlMa:Wq4w/ekieH6Fufa6cPPAP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-28_0e686e4a8b4ca33392f825d72fd6d8a3_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-28_0e686e4a8b4ca33392f825d72fd6d8a3_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5293.tmp"C:\Users\Admin\AppData\Local\Temp\5293.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-28_0e686e4a8b4ca33392f825d72fd6d8a3_mafia.exe 13A2FE47C3991B62C4F72B9446193C00345BB1CBDF9ACDA1B82B97BC2C9647108B374198B29A1B26EB3F540831FD49AEAEF10E14FB9C16074FEE0B658AC352DF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD5dbe523b8e976ad368b740f27906cc9c1
SHA1cbc73b1b2c68c1a5084b64fa93de788b54fb5464
SHA256d027321f40939e698913a18ad0f4bc5cc4183573ee7fd402f79f7d64024f04d6
SHA5125a61e9d92b2edc1ac3bdacbbd2b08e0edd22bc65fc3798d13e866e986ae977873ed6b8b11169b71e0fbc6f922f19d17d5cdd37e0d29983991cf801c4394ad2d4