Analysis
-
max time kernel
209s -
max time network
220s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12/01/2024, 05:54
General
-
Target
2024-01-11_05531d4f8713d3a74611248311bb97ce_mafia.exe
-
Size
433KB
-
MD5
05531d4f8713d3a74611248311bb97ce
-
SHA1
74327793f3627399efa55d195503bca9ad92da49
-
SHA256
74ccb201c5f149e95e43d6208e8d5e40588d5e807b94babe9b08c78ad3d2ea2e
-
SHA512
6d4c4e7ccd42431cb9e7be1da14e62f9d70e4f323b844cdd280e6722a46e51f9258ebe7114ca03fc3e28a394c0bf3e6d6d1de494373eba44a8f0353cd582b404
-
SSDEEP
6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtvnV7kP+vqMw5hcIN7JsiupM+Vln:Ci4g+yU+0pAiv+zvqMchcUgO+Vln
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-11_05531d4f8713d3a74611248311bb97ce_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-11_05531d4f8713d3a74611248311bb97ce_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6DF7.tmp"C:\Users\Admin\AppData\Local\Temp\6DF7.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-11_05531d4f8713d3a74611248311bb97ce_mafia.exe 89666F6D086EB789D848A3C5914474C368D24F5D462659646063F56888CFDA17CB3BAF2C8210AA0B6302FEA6E0518015E611BF9B1CEF44DA9C8AC177B33684FA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5eaadcd19fed2f964b212f99082c68b56
SHA1706275a58286d8ad11e9f5e04a9797a7762eedec
SHA256ce9948e67fffc197973c3734d05d3bf24f1cc06be8318b97a997563dc2ef373e
SHA512368ac1ed5f6e05214c34c8972b8073c3ff05556ac061a68f72311869bacd181e0ac425e4fc05231d7ced7401c44c583e924996f8f2cf98fe25c6cd3139fc5b0a