Analysis
-
max time kernel
93s -
max time network
96s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
22/01/2024, 15:37
General
-
Target
2024-01-22_f6c462cd2f129bd85e7c08c4e1030ac4_mafia.exe
-
Size
479KB
-
MD5
f6c462cd2f129bd85e7c08c4e1030ac4
-
SHA1
2463506bfbf15ef69c264566c899ba21a8ef434d
-
SHA256
dd0d10f2553f44b74b709b44d7b347f827919b34a118842d3b1ebbd01103a58a
-
SHA512
46f11d0c0262625216958fc5309e624fd8db60c3814fa24bc53b828c46cc1c8fe6666a61e9d2debbbf2ea5ddac9e28ceb49796a60ba97b8b3ce28d6e0b427cdb
-
SSDEEP
12288:bO4rfItL8HAOnG7yyzdlpyPyhZ3ctXv63mkD0Hoe75UO:bO4rQtGAOnJy56Pyr3gmm0gVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-22_f6c462cd2f129bd85e7c08c4e1030ac4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-22_f6c462cd2f129bd85e7c08c4e1030ac4_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\54E6.tmp"C:\Users\Admin\AppData\Local\Temp\54E6.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-22_f6c462cd2f129bd85e7c08c4e1030ac4_mafia.exe 93B4414C8E69F959F1C86E4DC0864F11F6F7E688E92969F8A8786A4E9FA3F9790CF06268F63836624B4BFEAA67C16E5D82C1B617C6E68207498769370C3D88832⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD50533a6e718e413633becb5f58cb2fabe
SHA1b92ec6b44aafa8ac94f9fd50b7d0167007a0055e
SHA256d3a9781e20014c35b732c5ad3cf717f03059a6a32e535a4948398382e97f89f3
SHA512487d6dd66dec5b1375801b611a25c5b0f2c15e14af44d1bfde964dfb957d1505e599cbdf24cf58924a8c4a167f6b122630bb9c0a735785ddcd90ab9ad845d452