Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
28/01/2024, 01:34
General
-
Target
2024-01-28_733e1498f3b7f12d719157d877d49459_mafia.exe
-
Size
476KB
-
MD5
733e1498f3b7f12d719157d877d49459
-
SHA1
2f86398cd42f7b846381cbae13d7174706eeaaf1
-
SHA256
085be344d41dfb9fb6bb021a79e16e770a92a786dee11a647b67cb5a18312ec1
-
SHA512
22b9820d39da77c567d4b0b5dc3015b66732737c302e8823706f166a5cc1f1da49a036ef56c20321459fd504bdfb12aa386fce3a1a71e5b7acf9ba99c8696829
-
SSDEEP
12288:aO4rfItL8HRDXEjLh1njx81QmJCJenIgiRsaOb7K9wlsDpVFd:aO4rQtGRDXAdmaLgiRCb+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-28_733e1498f3b7f12d719157d877d49459_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-28_733e1498f3b7f12d719157d877d49459_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1111.tmp"C:\Users\Admin\AppData\Local\Temp\1111.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-28_733e1498f3b7f12d719157d877d49459_mafia.exe 858D1598B3B1187E60B28EBDE86F72DBAF6FB7988DD119AEEDF893697BC7E512B88E4095E9CBA805D13826E3CD8192AE3A1204B424A2A48BBDCC65F9C33EA40C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5e67578182cf9f657951c029eb2dd06db
SHA1887ff7a54b53990e9e0c118d56224efe66f3d362
SHA2564f10b62037be5be9215244eba1dba33095d1434629b72a73e0d3966635f42607
SHA512f18da23ef693a837dc6ab9361e68d2dd4cda88a253ad960f2c09bc58da73bbca2b7f858173a29aeef68473133926fb90c22036bacf7a6186b6d2fb8dfe9f12c9