Analysis
-
max time kernel
144s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
18-01-2024 23:31
General
-
Target
2024-01-18_e9d055f5b79a1efca253cc86221f7db4_mafia.exe
-
Size
433KB
-
MD5
e9d055f5b79a1efca253cc86221f7db4
-
SHA1
35cc6809738a8f9ba62593ec371e4354dc909e6f
-
SHA256
f48cbc41d68a415f34f7970e1959429d39edc8ec8b6e9335869b95b4046a877c
-
SHA512
85cb87c97bdae88bc9cc4110e450227d2cee4ccfb33564b365587454189267dc9db92edcf606714ac48937da286e7b1fb0dc480f0d6696795f0863d40fbd75f4
-
SSDEEP
12288:Ci4g+yU+0pAiv+OqyeDDMhrkJQJc+MlQ7An:Ci4gXn0pD+ryeskscZR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_e9d055f5b79a1efca253cc86221f7db4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_e9d055f5b79a1efca253cc86221f7db4_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\45B4.tmp"C:\Users\Admin\AppData\Local\Temp\45B4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-18_e9d055f5b79a1efca253cc86221f7db4_mafia.exe D9319CAF388C114F5324D6636E374C9B08135A85A823C51F82902C0FAF1096D4BA4D7160D061E5F09C67C914A8F767DD0FAE45B00870ED30C8FF89B4A735B1122⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5678193cfb19903b27fafc480d19b3f55
SHA134e3a1060e7f9dd3296b540f6ba8d579184e3423
SHA2568961952f0d2e16914974b26b7ab5b0eaffa1e168ee28be2396289fda375966d3
SHA512afe86819c0cbfea015b353c31ba7e4e39fdd87f2d4ef4951e162bea77e68d77b6b569bc1fac263fc0c2acb3b0fe7e961ba07b4a6ece15d9c9aa5b47add9b1b29