Analysis
-
max time kernel
96s -
max time network
112s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
22/01/2024, 16:32
General
-
Target
2024-01-22_102448bd2503a7f4641f0ac88407a0ad_mafia.exe
-
Size
476KB
-
MD5
102448bd2503a7f4641f0ac88407a0ad
-
SHA1
59a52109f76478a20e098a0612f1103efd7b0819
-
SHA256
bb0f536cb8bb130e0fb4ecb780ca622f69881a73e356c095e1ae31a051f8bd85
-
SHA512
a3a85c58817c7a732afb52d08ede85e9fcb327fc78e3d1479ee5c5a2397bf7dcf0bd0237bd1b03a6e69b3697dcc723bd394a802f1234c35bf725ab7d87b2c09d
-
SSDEEP
12288:aO4rfItL8HRiCt3U4aErpWow7K9wlsDpVFd:aO4rQtGRze4M+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-22_102448bd2503a7f4641f0ac88407a0ad_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-22_102448bd2503a7f4641f0ac88407a0ad_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\418D.tmp"C:\Users\Admin\AppData\Local\Temp\418D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-22_102448bd2503a7f4641f0ac88407a0ad_mafia.exe 7E55730C49EE67BF4950AEADD06A1E3B6790E9E556A5709A456661C068779D44EE9874CAC3C87363E0F674966C7E97999F5A4716327717522C1395EBAD4D55872⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD548b8c8381be4d4f600c7c083a49ca1fc
SHA1c9b21f3ab03be792b45814f662301cc8af327021
SHA256e427932f3d7e2b2ce4fc8efb104ebe320f7387f6c1803fb0039b6d85d15a8cb9
SHA512682d204822b6def0ae7c3ef5b65bd7bf2ba7bfe174ace4c8bbefb491d728f5b26c4883c2df0e74a2099b12e4323cff23312d384b6e8579267c355016329d230e