Analysis
-
max time kernel
142s -
max time network
171s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
10-01-2024 05:52
General
-
Target
2024-01-09_36b696d60395b6a57f3a2f80f8117d90_mafia.exe
-
Size
414KB
-
MD5
36b696d60395b6a57f3a2f80f8117d90
-
SHA1
c2b2fff383d8ee611f568661bffeeb2ebc210c2d
-
SHA256
89f22f32c4c847be509a959009156359a3dd3068341d3f37c3bf2ff9ae67b60c
-
SHA512
68052439447f434b2604f6336ad15234f4c6416ff7a10db29323214ab0658095f267d19b3797b734c34d1669f84457873582d2c9e207d5cc91252162738ea442
-
SSDEEP
12288:Wq4w/ekieZgU6TsD2UelpgeWOp4ZVM4Cl:Wq4w/ekieH6TsSPUXZiV
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-09_36b696d60395b6a57f3a2f80f8117d90_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-09_36b696d60395b6a57f3a2f80f8117d90_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\A7B.tmp"C:\Users\Admin\AppData\Local\Temp\A7B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-09_36b696d60395b6a57f3a2f80f8117d90_mafia.exe 24D517156998C56F863BBA781A910DE7CDB75771C93F0332E218798B1C553E4EECE299B00227D0E909FEE43E1BCA820A59CE1B9EF29C43D4565BAA9B91FA35FE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD55961252fb6b5bf66027817676c7267e6
SHA1f52a490ea0d4dfbbf229537378ab1959590d48cf
SHA2561df598ca7c22eb3ac19245bc040cd7c4dbec369de83857ab3bdafad8578edfce
SHA512010e2c87b6703c9609ea821a1fe37d8d1d3b1a8ab5d150280cc1460f8d9d03678e27409f652fa63af93fc57a96ec013672e0ca24041bfeec6b365566b4a94f4f