Analysis
-
max time kernel
139s -
max time network
182s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12/01/2024, 05:58
General
-
Target
2024-01-11_50a7364ef99ed821acd481bdded17503_mafia.exe
-
Size
414KB
-
MD5
50a7364ef99ed821acd481bdded17503
-
SHA1
52b325108522bbc24715661fd22f5816446763e3
-
SHA256
f08990c947f5356c50c2091b3b6e7947729b2dd898f11e852a537b34874ed5c4
-
SHA512
d5ad74a0f513e8014cf5e2864033c6b0f7cee5cb0a886434cf61d547ecacfacd7b166ce30bbaedc4b64bd63644512e7672008b130ca2db63830396219775beef
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BYQ+wXmOpMynZELoigH2V1ToScP3Xz+qoMXEEyhD:Wq4w/ekieZgU6H2hynZyHcP3VEEclx
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-11_50a7364ef99ed821acd481bdded17503_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-11_50a7364ef99ed821acd481bdded17503_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\17D8.tmp"C:\Users\Admin\AppData\Local\Temp\17D8.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-11_50a7364ef99ed821acd481bdded17503_mafia.exe 084768BC89001A01C4926891E3A24179265B668ECE816400BB1DB10474934B84CA84F75A36063B5B6155CDE6698A6F12C26B99FDA9CAA94A3C93A6BCB95F95FF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD5e468a3c8bed70fcd69318597294ea6c7
SHA1030f23e1c8bd2fb77e55662641ea86cbc6a9e2e3
SHA2564d415ace8ccce8a610cde0dbb9084ecb30ab346182aee35e5bd2d4cd7805678c
SHA512e484ec32d9a0e5c539f66df6d2891f8d3134a56771c3411c186fee2e4e382f4a47ac8d3fa5d6087fae88275ba1cb354c1d57d3140d33b2bf953eebe7671170d3