Analysis
-
max time kernel
91s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
18/01/2024, 23:29
General
-
Target
2024-01-18_e4107f4baf742a2cf746b76c58725983_mafia.exe
-
Size
444KB
-
MD5
e4107f4baf742a2cf746b76c58725983
-
SHA1
77344fdd39d5237fc1a9529b89b5cd1511cd7a47
-
SHA256
db7e49851253c416af4fdf3da5c2a04ad07b36d394072227b6b53acaf567e233
-
SHA512
c4c98aa251efd8e4cc6116f0a1d7e1c76345f4f2a3ab3b322fe8c786383c9b06c1738f58c7c13c761fe214a879f1067aaa1f6e52c4ebc98e4e99248898f20306
-
SSDEEP
12288:Nb4bZudi79LUXMNmhUgwzwgz2VRnOGhlsQA:Nb4bcdkLogm+zUVpOs
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_e4107f4baf742a2cf746b76c58725983_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_e4107f4baf742a2cf746b76c58725983_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4D93.tmp"C:\Users\Admin\AppData\Local\Temp\4D93.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-18_e4107f4baf742a2cf746b76c58725983_mafia.exe A2274F536E4A03279F3AF062234C770176D7D18D4E77D4FD5BD484DF15A093F6E54AEE49F1BEF9CF67E8240E96E4FF0013C88854F969AE6416AC986B87A566D72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD50b1e0c94404bc52cd4d5e854ff0f8148
SHA1237f3df6d43c2c6d70d891d317d6e80b5d2ac06d
SHA256f8b239f82f1ff322978642d3db08625d70aee978fbf584990d5b91fac1f810cf
SHA5126b9795d63be1b905d3379a1cf88498033c549eeff5aebf3a9d75bada09792ece08587a151649b1901ad6de288a344bf0c25362fdb74bc4e60011ed4848a29504