Analysis
-
max time kernel
113s -
max time network
195s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
18-01-2024 23:16
General
-
Target
2024-01-18_b860cdf3cab7e5c000206b6f4b938314_mafia.exe
-
Size
433KB
-
MD5
b860cdf3cab7e5c000206b6f4b938314
-
SHA1
e5efe592ce103fc731d143c257d446a56c3850ec
-
SHA256
c7aaf72e784a3c1009bc5b7e29e68b245c976bec5e56161706070d822b482e0c
-
SHA512
dd30a64151455e505b3c8c0fccc711033821d283194d11ad5f6eaca21349c1f45c3a186db5f146aa1932f2e8cf63399b6b4180b5161b831e19f3aaf763c01777
-
SSDEEP
12288:Ci4g+yU+0pAiv+Rmn01GannMZtznEcUZAn:Ci4gXn0pD+Rmn01CH7O6
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_b860cdf3cab7e5c000206b6f4b938314_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_b860cdf3cab7e5c000206b6f4b938314_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FABB.tmp"C:\Users\Admin\AppData\Local\Temp\FABB.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-18_b860cdf3cab7e5c000206b6f4b938314_mafia.exe E117F4D632C06A7DA980D5CABD2ED52A3740B23162EF24B57246E3663B1F43566EE2F5EAAB64A204227B117DCBDAA75BD0678133E460D99CD9651FAABD251EB92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5a89db97847d994ee072a3d13a87698ea
SHA1b4407c57a90693790b1dc03c135df81bd1ffa643
SHA256c4189eeaadda97ae0d830f648959558ed83924de7981f58ed44636697a5961c4
SHA512cfedba71e215c28171d67f6dafeb3917d500cfa920502987b9291f6679222c841e4f9e42cf214689311cc95afa3eaf69b62c4bf39b6eebc6c71e112445ae6c45