Analysis
-
max time kernel
149s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
07/01/2024, 12:17
General
-
Target
2024-01-06_d59673cb9315dd28e7e5645c11a67aa1_mafia.exe
-
Size
414KB
-
MD5
d59673cb9315dd28e7e5645c11a67aa1
-
SHA1
10da311aa1674db0a629135009e2951708c25128
-
SHA256
2f5d1e18bac49fcc6ad0fc23026f8a40feeefd75a75f7bb54f438db04ad390d0
-
SHA512
2e2cc33e569821f2d8472514796988b0eb6ec362cd22e41a39312b4122a32c58d3ce198328683929d7c5fbb7b217217e82fe5a46ee2072c75d8c6d0ac76f0fc3
-
SSDEEP
12288:Wq4w/ekieZgU6xpjvjCmI4HGDTRQHUY2Yulx:Wq4w/ekieH6xhjs4HkRuFur
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-06_d59673cb9315dd28e7e5645c11a67aa1_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-06_d59673cb9315dd28e7e5645c11a67aa1_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4A19.tmp"C:\Users\Admin\AppData\Local\Temp\4A19.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-06_d59673cb9315dd28e7e5645c11a67aa1_mafia.exe CBED304AD80E29C5B7266F242C871394DCE25D622F026F5CDC428FB93A00FDA2815B20EC6CA89C3B2D309597A818EC01525D4DD938EEED648C737E6A3CFF00302⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD54bb08fd8aeab36f548ecc5664156c54e
SHA14cd5fac7468abdec84c0425e3168fe3f65e36190
SHA2560e270eb3310ea26b863614d993d07291ef5936bd4a029dbca96972f18456af06
SHA5122564432de97bbbc9f51b2d5a07cf40cbfa37905f6917dd19c52a7a6fde5e4837824cf7fea4e570f532529d00473e8dded55cfb455586fd54414ce8487d202a09