Analysis
-
max time kernel
140s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
24-01-2024 20:27
General
-
Target
2024-01-24_a38cb32481b83b250297cceb2a65d459_mafia.exe
-
Size
433KB
-
MD5
a38cb32481b83b250297cceb2a65d459
-
SHA1
4b763ce0edb710a18fe49cf5f5597cc9d3039435
-
SHA256
dc8e175fc48e82bb6dbafbd7da3f48e478fe360fe2f36c2535e28effcc7d743e
-
SHA512
7c02c79ebd1b7d4af89cfe98a584f9e6aadee1a3918b85a10af8c9e8f71ce0da1aa43deefe1c19d9541a0c181fc087fd092f9bcba79805706bf3b712a743232c
-
SSDEEP
12288:Ci4g+yU+0pAiv+x4BFlrOEhRcZZaJ4k58gn:Ci4gXn0pD+SBFlr9hRIoJF3
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-24_a38cb32481b83b250297cceb2a65d459_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-24_a38cb32481b83b250297cceb2a65d459_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\A73C.tmp"C:\Users\Admin\AppData\Local\Temp\A73C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-24_a38cb32481b83b250297cceb2a65d459_mafia.exe 2342FE0A1413B596C5B5B46B0E1339F76BF881D3A9E01753593495177405071CD901E83C1A844AEAE466A43F7CC29907C70AA02A3669A107985647839C7A625F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD522bc307d8fcb94056a5974f29726149b
SHA1fe219c410244ad3f6c46f5eb56d9fe873244e2f4
SHA256e5c5d88a854678e3205d5f0cf50fffebe02c2d38600fb54155aa096ebf64e8ca
SHA512d78a99326c9b3af27925663f10ed8116b7b1fa3d26027a9bf982fb2602c7767acbf809ef04f6708967abc0701e7052c19143c453640205be4bd605f56407aa57