Analysis
-
max time kernel
164s -
max time network
182s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
07-01-2024 12:09
General
-
Target
2024-01-06_4dbc7da0ca4ac4904707ff393cac6708_mafia.exe
-
Size
486KB
-
MD5
4dbc7da0ca4ac4904707ff393cac6708
-
SHA1
556aa6f89e0e7c104c55e520bf2a5ecddd3abbc7
-
SHA256
99076157f9b530f476d462400cd28589f55bc956fbe531d8555d6195e43837c3
-
SHA512
2558c7fc38b10bc6f93b225acbf479bc63b1f34f2fcd4e74734c38847c94abb82d5799b267dabc02e458b1824a065b821063142269f1e32d17b924f96ab35d05
-
SSDEEP
12288:3O4rfItL8HPZmNuB4hzqVKgJX4Qd/b1dN+Z7rKxUYXhW:3O4rQtGPZYoVKgWO/b1dM3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-06_4dbc7da0ca4ac4904707ff393cac6708_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-06_4dbc7da0ca4ac4904707ff393cac6708_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3AB2.tmp"C:\Users\Admin\AppData\Local\Temp\3AB2.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-06_4dbc7da0ca4ac4904707ff393cac6708_mafia.exe 6A5AB2F77D92D30DFF015E68DE4A33812E58B4E96DF9F09DAAD8CCDEF2F8B7152578F949B65CE07A97F4B78B3FD4F0C8D16056217CC52DE9A0813BB0CC83F4BC2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD55c38ea2ac46b375f88a7390d9e2d9e3e
SHA14b6a1e7b70c449632e7c5006748b81f01a0d12bc
SHA256005e0d36fab83c660c1ff3bf7932aededb58b4d2ce2fb8314567afd116b8410d
SHA512c11c122a52d35a41174396ae3f6a0409c870fb01a621e7c3a052b278eba2a3f02c7518b1cb7c8a2627a7c7f3afd8971b7c78cbe4f1c1da0c4e896ecca917522e