Analysis
-
max time kernel
143s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
18/01/2024, 22:25
General
-
Target
2024-01-18_0b8631195f388a7ff6876ca77786d855_mafia.exe
-
Size
444KB
-
MD5
0b8631195f388a7ff6876ca77786d855
-
SHA1
4bfe263e742f967f873bab1aa6ee28ac8fe8eed2
-
SHA256
460d25b98b6ba2075af5d1218cbf3d0148fcce402a88a504c0557181f5fd7213
-
SHA512
4ddbdf66210692885a4d953414a43c9b792b9917aa972010ee358fe5d3e7038c5a406ff655e5f57d496718d18f7e524a922d14cfa7a314459c9d5d10a4cb85be
-
SSDEEP
12288:Nb4bZudi79Ll+r2eB2IQfiCC6Y/uirG3w6P9A:Nb4bcdkLlfiztuirG5P
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_0b8631195f388a7ff6876ca77786d855_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_0b8631195f388a7ff6876ca77786d855_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\42B6.tmp"C:\Users\Admin\AppData\Local\Temp\42B6.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-18_0b8631195f388a7ff6876ca77786d855_mafia.exe 8BF8919DBB9B7AAA6EF05DC1EACD46601712AEEC3CF57662B7B242FE3F87409AC0C83FF94B941A42E40DD40DF735C0C6FB9A4B53477839BFBD179A1E81F6E19C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD525729b0ea6e31e4bb149811cd7a24dad
SHA179037acd2195f284e8060b7344ae60cfa2749ee3
SHA25676ac317c7528fae616e688bf2d27b4dca7c805a874f6091f0ef423ae62bcdb0a
SHA51282d1da98c885d476662a67a89acc9a6a569d446bfa54d5f4b8027f7925126a18324f78bb613eca7bfece9ce15e9b74564711fe1e510bc8bcb21ec9f165313f34