Analysis
-
max time kernel
121s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
29/01/2024, 13:30
General
-
Target
2024-01-29_b34e05bcf6720a58a64fc64436bbe067_mafia.exe
-
Size
443KB
-
MD5
b34e05bcf6720a58a64fc64436bbe067
-
SHA1
5be92aaf1399cd1fbd31011903b4fd01ed2bc5ec
-
SHA256
24a91b3b75b666b513ae520231b0d202c99c3e527bd3f04f4d7581927770a433
-
SHA512
133dcf2d9db84498ae809d77e2130a882a401933f45cb201601705b3550d5bd97b42081b5b9aec5012dc0c7e5c9c5695644998a00ceceef6fbcbf316fcea2f5d
-
SSDEEP
12288:Wq4w/ekieZgU6Qc/Sa/HFC58XGIBBxlMa:Wq4w/ekieH6Qc/7BFBxP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-29_b34e05bcf6720a58a64fc64436bbe067_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-29_b34e05bcf6720a58a64fc64436bbe067_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6864.tmp"C:\Users\Admin\AppData\Local\Temp\6864.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-29_b34e05bcf6720a58a64fc64436bbe067_mafia.exe A67CDFDC441B62A9FA740BE74624BF3E0B12EC10665E2C5DB43C5B83716614E82C58B115ACBF263C2D642C0A1495515CF81B7A99FACC7C28C90D9C9F443541B42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD5e9130941b7712ee2f66b51c84821a9f1
SHA169f8b060c35b37a517ebd72c3766b39ab235dacb
SHA2566fd1f7cc8473b92a185f75b3ee2edbe315261e8782c9a9e0edaf7bda612d7e0a
SHA512103c9c2928f9a59c2f407a8756b135dfcc11ee13f7572d3b7565224d21d7849b229cf2413760934f5a4795e5f9859a8be5f73b21d3258c31af994c3cf6350d16