Analysis
-
max time kernel
144s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
24/01/2024, 06:30
General
-
Target
2024-01-24_7fa1bd4ed3f7190a5d564ce9f0f3c343_mafia.exe
-
Size
476KB
-
MD5
7fa1bd4ed3f7190a5d564ce9f0f3c343
-
SHA1
0833735c3e90c16a13afc350f32ff0999bfd28f8
-
SHA256
ffc2056723105a426eb9dee86e2a357b42cda50c451074de4b1e5c374799e0c0
-
SHA512
ffa820f3bddec92b8db488404a169804b80583fa2d89936528fb6a709b258fb6fcab024fb51225698480b1edb33d0821c54cad2ca45daf10de2816f99e785201
-
SSDEEP
12288:aO4rfItL8HRJ3QLEsyFxorjZDx0eyS2CH7K9wlsDpVFd:aO4rQtGR4Eh030eyS3H+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-24_7fa1bd4ed3f7190a5d564ce9f0f3c343_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-24_7fa1bd4ed3f7190a5d564ce9f0f3c343_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4362.tmp"C:\Users\Admin\AppData\Local\Temp\4362.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-24_7fa1bd4ed3f7190a5d564ce9f0f3c343_mafia.exe 5B211D5141EFA5F8D42888E84CB4A780B00CE33194DDB169950905DB8ADCF9F0F0A29E4C8A78627A12773EB7BD934FB644E02C4E903478064560E0A79AC444192⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5aa944945182a05a5a168d0950f23ed29
SHA1b306647c04a5805f6ff1fd67c1962db354064ed2
SHA2566183f88caff7dcb0831c5a0d9e5dfc573e00b54b43fe86c8c050678f2f3facac
SHA512afad05eaee916c90f3298cc48be3bd992ccc99cb4b5acf8491dfb60bc15f3e96ffd43000ae813984ed0a398cce1b7c1cc12daabf898e91d2a5ed697df04552a5