Analysis
-
max time kernel
144s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
10/01/2024, 05:50
General
-
Target
2024-01-09_10b6c382932f75e6fd71496ae166019c_mafia.exe
-
Size
468KB
-
MD5
10b6c382932f75e6fd71496ae166019c
-
SHA1
99777e9b1b6c72a286800e156cd80fb83d95d665
-
SHA256
2128b336a1c9f99d84a24a8c6ddab96269ced78407d8a3d6a443d9fc27b8accb
-
SHA512
ad00acf40bb96fbf0150b9711a35b6bbba7670702149d48433495d2bc8854fb979a2187c13d9a4d82b2e83d5dab9b81ae457d8eec595d81e9aaa70fbded238db
-
SSDEEP
12288:qO4rfItL8HG8qiGLhVUatil+1ULbiY7bWmeEVGL:qO4rQtGGxXLntD1yiYumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-09_10b6c382932f75e6fd71496ae166019c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-09_10b6c382932f75e6fd71496ae166019c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\48C1.tmp"C:\Users\Admin\AppData\Local\Temp\48C1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-09_10b6c382932f75e6fd71496ae166019c_mafia.exe B3CC6309177517054EC14796E72BB5173A2C9DA1C00FDABBB0D01C4433D28BE63EBD9F82A8E053BE130D99BB7210A812F1BE1FE5295F28DD9B4537A2082BC8FD2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD52df35c61332c563afbd369713617e7b8
SHA1d2885d3bdec7f513f1795d68a1e56fb2d38dfcd7
SHA2560ff9dd1be91583f186bb4b3803687eb71614a1bca08a289010152fbc5f2dd691
SHA512911db216570bb1d071a251285b8f17316fce22a4bf3b3ecec4edf8d1db193c1ab744d62cb2c89af7dc96686abb8762deac26e16f33e070e14d570d756d5342f8