Analysis
-
max time kernel
135s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
25/01/2024, 01:26
General
-
Target
2024-01-25_3dcf83479443fd450a07af6591dd4c6e_mafia.exe
-
Size
443KB
-
MD5
3dcf83479443fd450a07af6591dd4c6e
-
SHA1
52c5c4d369cfccbb8703fec69ccfe43de3a7a5d1
-
SHA256
562d5af321b782f9daa8c4195ab5b28b4cec21ce04f608fdb16e3f36c0ed1d41
-
SHA512
8a97d0295242d944e02b985984faeed7482d26c96a64cc9cf2a64844e94b9f84948733faeab66b105d6446e7f01591fec44261e50def0630252f379a3ad0023c
-
SSDEEP
12288:Wq4w/ekieZgU67OE8H5+GZ35yoKaigGt7trJqKuNg3qzqnlMa:Wq4w/ekieH6abZ+QyoKWGt72KQg3qenP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_3dcf83479443fd450a07af6591dd4c6e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_3dcf83479443fd450a07af6591dd4c6e_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5081.tmp"C:\Users\Admin\AppData\Local\Temp\5081.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_3dcf83479443fd450a07af6591dd4c6e_mafia.exe 5AF45FCE1FECAF12CB7AF3EB088E76907FAF2AB1E488DF6149B2DB34707B68FFB737AB380CA917D0C793C1A34A4309DC6F7C2A743AC1CA3DB5A16EC5ABA35C5A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD50cdfaa5d587ba1ae838177d27ccb6672
SHA121094cb3b3460541c76c0180beea1f3b3cb04e3e
SHA25637b6c8bd8f78f7595734c3d604c6b70f5117a4a16ac100826cab0aa5784f9b36
SHA51246a77aa891ac8b63635e946167523d2cb334f7c7eb9f72e5f5d0f9c11ca258a9e31e41791c14c8b8303983078420b0e97abd0c5cb7c2aa16a1d1fda85bc0de94