Analysis
-
max time kernel
146s -
max time network
126s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
11/01/2024, 05:49
General
-
Target
2024-01-10_465c2a0eee76b7de0abb20019c74e0ba_mafia.exe
-
Size
433KB
-
MD5
465c2a0eee76b7de0abb20019c74e0ba
-
SHA1
8306c81b106837626e5acb5099479494441ef284
-
SHA256
932cec94ae65fc931f941cc1278109298065422c59f6df83cf43f3045f84568f
-
SHA512
19882d0963561b38ef1c75880084f425a532e77d9f97f11838bde84900322a8b7bd6f122671f18eb700c6ea6cd187fc8f05a52d1f790169e76becd71cc3acc31
-
SSDEEP
12288:Ci4g+yU+0pAiv+h0s3KE55jDGizTY8Tkwt0dVn:Ci4gXn0pD+hp6mTY81SX
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-10_465c2a0eee76b7de0abb20019c74e0ba_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-10_465c2a0eee76b7de0abb20019c74e0ba_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\49F9.tmp"C:\Users\Admin\AppData\Local\Temp\49F9.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-10_465c2a0eee76b7de0abb20019c74e0ba_mafia.exe D34C2AE38BB93CF458E1E52CD7A72985921CF0191207AE467A17F05DBF5AEE3AB96E17E884A3F6E6D3BDDA42A5E9213029D17AF0B2AFE9D617CE68DC1F347A862⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
92KB
MD59908fb69c784da2f5469ab90d000fe60
SHA19b23cf5091cfc1a7014a56d9691e23d4f120abea
SHA256f7f87e80c5fdaffc55e3404c3fc1f37998ea3f1c4731f867dda57d3f6db9110b
SHA512999524a6add46486b88a8f4320bce2d430756f70e682b035cd9a89aecff1ddbcd60b7cfce95baf3fa8d087795885d9f0a14fc38d8c58f6b8b2fe78558e9434ff