Analysis
-
max time kernel
156s -
max time network
170s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
09/01/2024, 06:45
General
-
Target
2024-01-08_9fb0e418a391917e0b7c08834a1acebb_mafia.exe
-
Size
414KB
-
MD5
9fb0e418a391917e0b7c08834a1acebb
-
SHA1
b9a6fd17ba271d71c49dea05a147b419a3cbc52b
-
SHA256
d58dff7716ac53dd29eac6bb009c5f953d5864d230072e395b577dc71ca409c5
-
SHA512
8a635e30574479cf9d578ebd66af84ffff32cc1563368e1186b28d817b4e728ddab6e2b094b0168f9c22a52e92fa603152e83e8a00c1c6ece5491d0b747d9cd2
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BYxDTkdULeZunY13/HXT+BKJ3tAH7lx:Wq4w/ekieZgU6uTLe4nY1fjH5tAblx
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-08_9fb0e418a391917e0b7c08834a1acebb_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-08_9fb0e418a391917e0b7c08834a1acebb_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\410B.tmp"C:\Users\Admin\AppData\Local\Temp\410B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-08_9fb0e418a391917e0b7c08834a1acebb_mafia.exe D5E19BAC6D9659F4A7D2B7386630BF5B080B883B386F0A4C405F494C8E49BC225D9BC2BAC248003F8FF991089802BE0A17FA214AB54AAFB0D4B88436AA4BB49F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD579f1fba810aec6bf453196301bea2cd3
SHA1b97cee22932f8a4bdd6ddb1f2d4b4f6192770d93
SHA256415e2cdbba49863bdd8f0301a85f44b4391612d5f2296a45c4c85a72fe6502f0
SHA51277a06eee1cba0c861668751861eb407f90f7215695739c0c6cf65f14a47b6cb69b6303c9450f612321b17e197bf65aaeebc758728a8bd68394c207825a679f85