Analysis
-
max time kernel
156s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12-01-2024 06:06
General
-
Target
2024-01-11_cc239d6254dbb392f031fe4ab414db6b_mafia.exe
-
Size
473KB
-
MD5
cc239d6254dbb392f031fe4ab414db6b
-
SHA1
5352ef49fc735bf2186f3e4243ea687219e3a4e7
-
SHA256
df4f909412c78991a22636d7ec668d78a3cf8a80129f9b584d959dc9a2e11be1
-
SHA512
c89e748f465baba99dc9d2758ef8ded760ed7c8c9ab53446a1fc7bcff3172ae959677b19c8a0f7d595988a0ed300b487e744dddac707c0e0e908b24239340ed9
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStj/mbpgLmFVwZy9aiIAu6ejz2+7g67ATCkqN:Nb4bZudi79LfbSw8yQEua+t7p2VxA0a
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-11_cc239d6254dbb392f031fe4ab414db6b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-11_cc239d6254dbb392f031fe4ab414db6b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\B844.tmp"C:\Users\Admin\AppData\Local\Temp\B844.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-11_cc239d6254dbb392f031fe4ab414db6b_mafia.exe CD7CA9F9870EB0732FAB8D8928B5BEA639E0979A013D27E7F50A8940CFCCD9A7B381B607ED2C6254DCB9A074D94FC167138E362FD0B0D0DBC8637B1C87BF9CEB2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD55a52557b8652e297ad654b983a0e909c
SHA16b366dda6ab7ce60f0d8e25009f2235499ed65fb
SHA256754593fb1dbc5e25b00f31c72a8184466da74b8273da7d3589cfccc41ef8c143
SHA51239970c39349a8e6593d95546cc32c86eeaf4a36b124ffcb9c3ae2910a18942bb7e27118fce60e5eb63ef646bfbf5aa69e92cc30db6b2d239d9435136b74ffc17