Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
01/02/2024, 10:24
General
-
Target
2024-02-01_f6628652ee02c7394adadc79bd343b85_mafia.exe
-
Size
479KB
-
MD5
f6628652ee02c7394adadc79bd343b85
-
SHA1
b4367a7707329779a6cbe7639496c6a20f842829
-
SHA256
30e5183e9ccafde57bca7a57d7ccb58c18d1fc16190c2870f89269ba6a8dfb55
-
SHA512
9077263771ffe8ac63f27aabc658ea4539d2e27d2a42959f47aa81115610d230a6b2fd388355476f58bdd659677013e99259391c30d5ff42c290bb85acbf1ef3
-
SSDEEP
12288:bO4rfItL8HA5Ywl8bdT2y+f0d57EcGyhh75UO:bO4rQtGAD2btn+f0d5/1VUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-01_f6628652ee02c7394adadc79bd343b85_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-01_f6628652ee02c7394adadc79bd343b85_mafia.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\13FE.tmp"C:\Users\Admin\AppData\Local\Temp\13FE.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-01_f6628652ee02c7394adadc79bd343b85_mafia.exe 5B7C72015E637DCB90AFD5AF620E85EF65EBC356A76D7D72872B5E97164E7212D1D10D0ABA347B8C3D706D9A56D35D917E92E2B3241275689DD10270EC4A63BA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD551518e59c541274dcc6fdff63b16f156
SHA131a45cb7e102c71a0ff4dd714516993af6623270
SHA2561b286a06a602cbe72d2bf59f1fff151fd24551abbc6dce3f1785e85712b6b045
SHA5122cd2e1a29d4070262af25fa0b00eb8c6ff01f26b8810049d64ed0a4d0199ad67cd424c059415aae7b397801c3e1584fd64c9cc3cbff9f3146b02a025ea2c668c