Analysis
-
max time kernel
91s -
max time network
121s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
24/01/2024, 11:42
General
-
Target
2024-01-24_19ecaec2be000078e63a6bc371c319a6_mafia.exe
-
Size
433KB
-
MD5
19ecaec2be000078e63a6bc371c319a6
-
SHA1
81bfdbed98f6bce8097d07d122646451e3c5e5ed
-
SHA256
d594f16eb93e8eb393609e29f8420ea6999727fc907ef02ec5beb91071edbf6c
-
SHA512
e850bea8a27854922864be59e1ab43a674d77a9963c3bd9ba0ce95f2c20324be48ac385752c2b198e60e4b653882252d1d6e54032a1e21fb004ecf12685d3d90
-
SSDEEP
12288:Ci4g+yU+0pAiv+inDWIrhvH4jwhlKBRXP1F7n:Ci4gXn0pD+inqIRYjweRX/
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-24_19ecaec2be000078e63a6bc371c319a6_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-24_19ecaec2be000078e63a6bc371c319a6_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\48C1.tmp"C:\Users\Admin\AppData\Local\Temp\48C1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-24_19ecaec2be000078e63a6bc371c319a6_mafia.exe 0F898D14CD21AEAE926E03331E64C40F8A13BE0B93B21DF1BD4758F9CB93F76C84D5CB0B19E6A1D8C45C502C4D2EFAF828D54449DC7C9CD6794EF05A855F06E02⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD580d2bd94493f95bd507e3d6ac953a7a4
SHA1ca366ebbce1db0b32964f86bb969e0cc677ea508
SHA256e5eb562f816afc9b29c3d2c13f71a538308ec00dd9842c78c07a2579bdd4d02d
SHA512005c3973272541823c38058b670dbd2371a09d0fa01d1052fb8f6d486e56f7ee824bf686d102cfe29157ee44d684c775e59ab7f004fac725ebb171cd2ea8de73