Analysis
-
max time kernel
127s -
max time network
194s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
18-01-2024 23:30
General
-
Target
2024-01-18_e9a1dcec28ac1f174f6814438404b020_mafia.exe
-
Size
479KB
-
MD5
e9a1dcec28ac1f174f6814438404b020
-
SHA1
202c7e9e24f9aabef435a6f64b5677ceee702530
-
SHA256
af18a84b4544c2b9df66eef62004f88c530f06481a44642346d079aa0959bdf5
-
SHA512
ed38df9b04c9b62ea58c5bda830a53c5b8d1b0edcb085248ecb97a22eba4683a156c2be6bcab4953336923f9cf18e5726a95a9870506c7a622ff258a82dc92d5
-
SSDEEP
12288:bO4rfItL8HAYuxn0282xuM/eGx1OmvIK75UO:bO4rQtGAYY0oX2KVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_e9a1dcec28ac1f174f6814438404b020_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_e9a1dcec28ac1f174f6814438404b020_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2CA4.tmp"C:\Users\Admin\AppData\Local\Temp\2CA4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-18_e9a1dcec28ac1f174f6814438404b020_mafia.exe B01E8F4CCD380AB023889DF0E362678E9D0CE31D7BC26CFD316EA12FA57F0EE8409E26A2CC810783297880A8CB210A9F4DA17BE22FE4950D1F4029FCB10F80792⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD54073192541f022397768ba81a4a9dab3
SHA1a8bbf35334619f949967c81ce8523d3f9b203441
SHA2560e9d6d167196b63a4b05846bd289110b48b9585f79ad164baa183b18cfff7c81
SHA512bf4aa7548e4a44f9e75806fb76dfa714ebf22220e52a903bccd19fe5e12719fdd0b4dde7be45fcc7f96e427a62e7efddc94880e7fd94d8ac61b620ac3e349ddf