Analysis
-
max time kernel
145s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
22/01/2024, 20:33
General
-
Target
2024-01-22_16a75df6027bab7a8c78c8d77f954e36_mafia.exe
-
Size
486KB
-
MD5
16a75df6027bab7a8c78c8d77f954e36
-
SHA1
72e220df0b23243e91b3dd28a1c70a968747635f
-
SHA256
1a24c9de8e6c415dfd7156ee519dc04db6000ccdb0a190a844e312f8bf3fb49a
-
SHA512
707e7f18c0c2d01d04b836e8161aa6ce6806896c3c7787104526c7e10d96962b4485cfad23837b0c8ce76dbf62db0ee6d1b0a7ec3b4e9bbce6b2bffb82d37dde
-
SSDEEP
12288:3O4rfItL8HP0CYvEqIwCxYgGFQGbHw1gN3Mo7rKxUYXhW:3O4rQtGPvYMYzFQIjNco3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-22_16a75df6027bab7a8c78c8d77f954e36_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-22_16a75df6027bab7a8c78c8d77f954e36_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4537.tmp"C:\Users\Admin\AppData\Local\Temp\4537.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-22_16a75df6027bab7a8c78c8d77f954e36_mafia.exe B423C7D01669A33BF4B5AEC3654ED5F97319C0E4066E1FFF6DEFFD9A85F85DC54DC8788E1977EF725CE126C06AF180CC1E3172E92CE71311FF95276B4E9EE2182⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5c41b3d5a0a222be68f08825abf5dc0d2
SHA133b29cab0dbf3857514deccb234a6fae3000242b
SHA2567814c64f4151bccd765eb358ad49c970cdb7d29f5ee675e2b42f8aab8b4ee8c3
SHA5124f60e4b23f537a6a2797c52b70c8f9ec716b60ff230cd5bb396fff573dec8be60e7214b2d0f2348a7d38ae259c452905bec5280acb38affc46b3ebff54ae7b96