Analysis
-
max time kernel
130s -
max time network
178s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
18-01-2024 22:53
General
-
Target
2024-01-18_6b0f59414fc3023d7828b2e85bda2ea6_mafia.exe
-
Size
428KB
-
MD5
6b0f59414fc3023d7828b2e85bda2ea6
-
SHA1
4b63985c3ab70c96002fea614c645e7fd0ade50a
-
SHA256
0da63b70f63ab6e7b353862a3e60a1c171024dc582ac04a978d3b3a212558f55
-
SHA512
7ec27cc72328aedc5346869ab55200300facd37a09dddea1385714a1f1c105188a65ab886757776eda66522bed29253f586c7b595d6ded994690e9b8841ef281
-
SSDEEP
12288:Z594+AcL4tBekiuKzErn9TLZJEm3JUTyzpqyqHgG6LIkZ5yVl:BL4tBekiuVr9T1JEm3JU2z+qPZkV
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_6b0f59414fc3023d7828b2e85bda2ea6_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_6b0f59414fc3023d7828b2e85bda2ea6_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\A9A.tmp"C:\Users\Admin\AppData\Local\Temp\A9A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-18_6b0f59414fc3023d7828b2e85bda2ea6_mafia.exe FD1E5565A25DD13039B1CC77A01960B408E62040FFC62ACF9941EAB382F56038045891916C3D0755682BEB5C1045EBBA2496F1393ADDD733661B48736829E8AE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5b6738f55dac877e01ffb90a813c18b0b
SHA1908066b2e7daffa02688c6d5eff1430becee2734
SHA256e2d7add18e66d19bd83c7eac1241459de66cbb1e69ee623cac589feaa1eb8b8c
SHA5121d7e39caed6a340d9971d91c42ad42d2b67f22f313784f97d5c4eed117b6adb2ecd432538f584bd82b349559a311500c690e9af0b62a925c3ec44724d27491c4