Analysis
-
max time kernel
131s -
max time network
125s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
11-01-2024 05:57
General
-
Target
2024-01-10_db16ff4d88846bb2e34079f5ea5ba506_mafia.exe
-
Size
486KB
-
MD5
db16ff4d88846bb2e34079f5ea5ba506
-
SHA1
acb38297fe28f34edb8a89c764357f1124200d98
-
SHA256
dd3b2fece1ec2f6df6ce2312b3237a313adaa007dd1d56a6fcda20d8b1e7414a
-
SHA512
9d15635c5c7fc7badf1b6aa67734cc91f3e480c1df3174b74f052e115e290650f8a437c3d5fa7cb56c532648ffdc37d0b809f0dd2859f8b69b4ca591ab87efe1
-
SSDEEP
12288:3O4rfItL8HPoMiQSgxbp6gXv/Vd7rKxUYXhW:3O4rQtGPoQSgtp6aHH3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-10_db16ff4d88846bb2e34079f5ea5ba506_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-10_db16ff4d88846bb2e34079f5ea5ba506_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4A09.tmp"C:\Users\Admin\AppData\Local\Temp\4A09.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-10_db16ff4d88846bb2e34079f5ea5ba506_mafia.exe B99A4E5A58E89E53A498890233C2524541BCB6941DC5FF6D3128179A056B59FFE0DF43D4ABDFD2DECCB5D5EB228B2B24C023D434437A572DFD0EEAB2B6F0ECF92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
92KB
MD5b22806c8a6695dc50771ad12547f46b9
SHA1472fd18ddb305f77f1ff77e05b8f6414fa45f9da
SHA256dcddd1c9bee7746a9bae8e0305eb0ff427538685802efc3f1002c4adb131a443
SHA512e69ac4f103bdf497a4c98b5612b642c21db26c95c15f18c081d7a3c5173808300adf0a015ca0254fb081ed18e087f25a0614dae23a1cf4539b523928921fbcbe