Analysis
-
max time kernel
148s -
max time network
187s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
10/01/2024, 06:02
General
-
Target
2024-01-09_d9df9972c1e523515b20c858470fbabe_mafia.exe
-
Size
428KB
-
MD5
d9df9972c1e523515b20c858470fbabe
-
SHA1
8dbe31a46b4fa6dfb4467d4c1c8aea1e0217a0a5
-
SHA256
905f3068c26944932968f8a597569274967069c0f52003e307017e9f5159b9d9
-
SHA512
e3966acb98c5c457a97e8d7b12719a9143ab8dd964cfc88e0bc0e33f1d42b9d02d3a57dbca809f911ff6353c140d101a7639ff92c91c95945f94227def6666e8
-
SSDEEP
12288:Z594+AcL4tBekiuKzErJx4lr2YEZBCJ9K4ws6vjel:BL4tBekiuVrJx4V2YEZBw04Oa
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-09_d9df9972c1e523515b20c858470fbabe_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-09_d9df9972c1e523515b20c858470fbabe_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\E2CE.tmp"C:\Users\Admin\AppData\Local\Temp\E2CE.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-09_d9df9972c1e523515b20c858470fbabe_mafia.exe F694217FBF46F2603D6810391264CA29010A1EACB9549377371E19CDC96E7853358E51C1DFCB4DB6E33CE81D2D7412BD453003ABA6F2626ED9357626DBA0C9D32⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD52dfd955d0912e6362d25349412c36472
SHA13402f781717736ffb363e467a6ff008df2b9c8dd
SHA2566d4dfb1e81be5e8481ad3bd8cff15adfa62dd1af691c38004a169c034fc0f3bd
SHA512351c15e25eda933097da3a73d89e2919baf8811c46560faa1b116f3e0ef9e5534d1b5f16e381c5e6ae3f9f70913649f978bfa363978a42bb2abbb07bb9dc0aaa