Analysis
-
max time kernel
152s -
max time network
178s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
10-01-2024 05:56
General
-
Target
2024-01-09_76f187ba5038b179b796a409b87d3907_mafia.exe
-
Size
443KB
-
MD5
76f187ba5038b179b796a409b87d3907
-
SHA1
b2ff70294031dd72aa0abfc661041a90992b42e3
-
SHA256
22fcf0f8bdc474addc5f79ef273ed37a6a0776c51183eaf9e543cdac4d57728c
-
SHA512
79f1ebd38dce42ffbc1d7276be85c270aa22ac9620271762d19df2850408106a15ea533aa147d7d703245c9530c4caa4978b7eca0458437cf911b466cc8e4760
-
SSDEEP
12288:Wq4w/ekieZgU6QgAWmxpa3yyGzXMuLrqlMa:Wq4w/ekieH6qEyyc/qP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-09_76f187ba5038b179b796a409b87d3907_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-09_76f187ba5038b179b796a409b87d3907_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\9258.tmp"C:\Users\Admin\AppData\Local\Temp\9258.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-09_76f187ba5038b179b796a409b87d3907_mafia.exe AC6CD532BB7B17BE88C7F4F43ED59EE5A819B85FBA846426C5974C0C27B09C665D9AFDAE1299AE629501952438BA4F6F4F8DAC52B02BB14E9B52689D76A721E92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD5dc7341fba2f30ccd2c33769cb0a0d1c9
SHA1e790e83217be8d8f1fe24fe100284861f29b43e4
SHA25669aea49d6feb589674292c688c7a129e1efaf5d2acf0215102dc3b1a3ac4f0d6
SHA512f878ab280e7640f57ad948a6c422fe7c90938fd3db6ae2db9413facf923085aa4687876ecf818a106965e43371a21139ede61b563a8a0b1575dd11c766d91e3f