Analysis
-
max time kernel
149s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
19/01/2024, 12:33
General
-
Target
2024-01-19_27f8308f186445957d010836c17725bd_mafia.exe
-
Size
433KB
-
MD5
27f8308f186445957d010836c17725bd
-
SHA1
40e187a693251c5891be11ab735c1ee4aaf36649
-
SHA256
e579d779de57cba32d703ebf128eb42316e4879a76199ba4d49d9b356d2fee44
-
SHA512
8e55e385bf34a6ab49003120e5d7fd6dbbd33a3831e367421da4b11357139ca5064368d16a5ed4ac88574747303d1eadcc4a46461ea331e529ed47847a8d403b
-
SSDEEP
12288:Ci4g+yU+0pAiv+EC6Kwas/6RxJIna5EE3MvO1xPWE8n:Ci4gXn0pD+ECVwasCJSa6E3Mv1
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-19_27f8308f186445957d010836c17725bd_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-19_27f8308f186445957d010836c17725bd_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4BFD.tmp"C:\Users\Admin\AppData\Local\Temp\4BFD.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-19_27f8308f186445957d010836c17725bd_mafia.exe D5F0D8E6A8396C5A37C304AE34C557E5A3AA706CB4DD5482CA9C1A9784AEB7B146218F87EEF7431E1539683EFD839288D9D0C2FD934FA33D2525A17E5B551A602⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD55e3dd30f0715a0120130ce4bf65467e4
SHA1452eaead7bf7118582ea232926236a27be27fd3b
SHA256e8659567fdd3846cf9d8f3858bfa596931b1ecea8aa0dc2877a3a1e1460af20d
SHA51235ec31370dfeb544b37c06b9c90f5f9b07aaad4aa6ba2b9eeb2fb6744ea1abcd3d9662d5299f4c7b1b5ead65ea01e56d7636ba463f18802390d102387c4e1e5a