Analysis
-
max time kernel
149s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
09-01-2024 06:39
General
-
Target
2024-01-08_46f0f7944e661474aa2356fbfd910960_mafia.exe
-
Size
433KB
-
MD5
46f0f7944e661474aa2356fbfd910960
-
SHA1
5984fceb53e1ffd6258440dd84966e8d5ec01305
-
SHA256
89d725e980a9f150ef951bfc57313507de105408bc038ea6e20d6c82f36bc890
-
SHA512
cc26873cda282a8c1b3f7a91f87a1234c66b7703a7978999b5dd24e99df66703638f42f2c0e3af69556c05cfbf3502f40bef943f3734e4cf24081ebe4d46233d
-
SSDEEP
12288:Ci4g+yU+0pAiv+3XTduExdHwn1yllPuCQhKJn:Ci4gXn0pD+HXxC1ylxR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-08_46f0f7944e661474aa2356fbfd910960_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-08_46f0f7944e661474aa2356fbfd910960_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7109.tmp"C:\Users\Admin\AppData\Local\Temp\7109.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-08_46f0f7944e661474aa2356fbfd910960_mafia.exe F8524CEEF1C05A9C078967074982C764CBAE2943C2DB159F2DCA690D235C78596AFE6C654BF910E97D68D5D02DE82F75B3C4C78349B1806FEF49F98DD24441C52⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD55149e6f8ff8673d869a2af4dcd3e4dd6
SHA1c9d26631856feb13e3ac5cf763c95535343d5292
SHA256676c91763c06c85c5f8f87eff760585949f25b1603e89710521cf6ad30ceba5a
SHA5126efcbe2ab725040a18195bf0c8125e49f96bb05889acbd3d15a41538d1fd8407bf623bb46092f20e266717586edb78ddf3c7f9ffe07e784a5ae247c9ce382fe1