Analysis
-
max time kernel
139s -
max time network
144s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
22/01/2024, 20:42
General
-
Target
2024-01-22_b25f453dcef38e595fd9a35f9163bc4b_mafia.exe
-
Size
433KB
-
MD5
b25f453dcef38e595fd9a35f9163bc4b
-
SHA1
57f5ae718cf96c108ce0aac8af0961f47af61c70
-
SHA256
e65acde4bac6cac7aa8e7d2c84ac816a90b562099371de070bba6325bdbe13e4
-
SHA512
c782d0f4f3cc2afc52d618e913ac0f132aade0922ac06ea759b1a3b722941450def9284355480b0cef237af731444fb1629e863fec17c7412b3bf73fda000d43
-
SSDEEP
6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtvsG7Vf7EKj+8d1GUrd5uAL24zBg7fJcKvyHn:Ci4g+yU+0pAiv+tVf4KjlbPdg7Qn
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-22_b25f453dcef38e595fd9a35f9163bc4b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-22_b25f453dcef38e595fd9a35f9163bc4b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5851.tmp"C:\Users\Admin\AppData\Local\Temp\5851.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-22_b25f453dcef38e595fd9a35f9163bc4b_mafia.exe F05563727F8FD222E53F6800D1327F0E5801C2E19C4C67B2E81170FED9B5A67EA6AA181E865E25E52ECEF1328D420D783B428E9931F08D76F7A2D891AFABA1B12⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5d02969e7ea6c78ea1b5a13aa7086bfd4
SHA13bf6f583062ca3f6cd58f917c7ba87d0eab7b382
SHA256a077ef7c969b25220a1c41d619259a10b7b3c938fe5a27f73005d2a63c44ac70
SHA512c7579dae1943cffd2a29fe952ad3264d6a91553d72e2e3df12f8bb4911c6c47e2084af5cd6039381a6d75b1dcb70820597b164c7d16f6c1a36c851f6199b984b