Analysis
-
max time kernel
140s -
max time network
159s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
23/01/2024, 23:21
General
-
Target
2024-01-23_048b169951484650bbcb1c3e772dc3b4_mafia.exe
-
Size
433KB
-
MD5
048b169951484650bbcb1c3e772dc3b4
-
SHA1
744a387b3b97c08a563af1d349b2c31b6ea50ab4
-
SHA256
c928e8641f27a3f1a4ae0653eef682eab2ed1106a33fb0b5c150cf5c4d97cbe2
-
SHA512
8ff09b924eb813e4a3d1a0cca2aaedc83ca2cd5ef7015494cf5a64955acafccce863070954786533ea6d98f8e6bf221ac517cf02385ac4709b1b02bc226cecb4
-
SSDEEP
12288:Ci4g+yU+0pAiv+K5uKVb/efxq9A0e7oCfn:Ci4gXn0pD+ejt2fY9A0e7oCv
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-23_048b169951484650bbcb1c3e772dc3b4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-23_048b169951484650bbcb1c3e772dc3b4_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\9153.tmp"C:\Users\Admin\AppData\Local\Temp\9153.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-23_048b169951484650bbcb1c3e772dc3b4_mafia.exe 8A23E2CB27965DB4CE0D0BF0EAF4ECE6FB6B50567BD716D11E939159DAE8B8B986AB9F9384BED7CF37F0D8FE9620C40F3B30101745CCF72FC4C34E226094DAC62⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD539a8178e7d05fb16016e5e418deea815
SHA14e73bae28646fe4c5c62af7d9ea887278e775974
SHA256fa5eda546c5dfb41ec908e6e7a8f9327302d42fa335f022afe4fe7e18029d99f
SHA5121813cfc05fa01c98f7e03922f0b8aff59dd700910d529bf936808b520d87d80e521908719f355edf931b91a6d6c3fe2c877ec5e94969af4cd5d9355ae73de566