Analysis
-
max time kernel
152s -
max time network
171s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
10/01/2024, 05:54
General
-
Target
2024-01-09_5678567df1c003b9dee89f4d8d062ab3_mafia.exe
-
Size
433KB
-
MD5
5678567df1c003b9dee89f4d8d062ab3
-
SHA1
327128244dd241413e3ee77ae3622db8da901b28
-
SHA256
0f3390782c427d615e56a3f5d306b4ae9456cbf40da58ae0b93a72f000128ae9
-
SHA512
24106c84785974cf44618892246af1faf916e174c1e7bf4519da9ad6bff47db02b5d369e01ece615b50dfadbb080e8525d4e9477ff5adf0ee940a2f1df288a43
-
SSDEEP
12288:Ci4g+yU+0pAiv+CTshtfxjLl29l3couaMMpiqMXn:Ci4gXn0pD+CTsdLqTvQqM3
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-09_5678567df1c003b9dee89f4d8d062ab3_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-09_5678567df1c003b9dee89f4d8d062ab3_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\DD02.tmp"C:\Users\Admin\AppData\Local\Temp\DD02.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-09_5678567df1c003b9dee89f4d8d062ab3_mafia.exe B36264B332F595E75ADD8FF254468BFBC7DC12C71B3986C0F71799D24578204A5F313245B16BE1470F712C34C10C69BE36B89E4ABB16C48C0C29FCE31DFD4D3B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5844fe3e768f9c4c04916dc9935203577
SHA179716e1e9d30ddba508afbc23d0f4aa2108d865e
SHA2561513cdd6d551d255d0c6c08a7607a7c469785c72e92ad1646934c802d819c59c
SHA51240b12719142d450febd9f3bd4e51aff594167d5f2202898ba503034d698ea663b8d73e088b2c671e1312ab17e1c083fb3aa465243d3df905dba9c8f741d535f4