Analysis
-
max time kernel
144s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
25/01/2024, 08:22
General
-
Target
2024-01-25_06c65f7976ef17e8b18d318d163f2eb7_mafia.exe
-
Size
433KB
-
MD5
06c65f7976ef17e8b18d318d163f2eb7
-
SHA1
c8c7749d690d0647c61a19eab0e60799ddcc387c
-
SHA256
6f0736aa8804a9eb7943de1f12b92e1fdf1f99ca8a8b34c50d9ab4ba51d5a3dc
-
SHA512
9886da5f0ee4952b08870a13b408566d2fc88c630fd03faca77af951fdf54cad22f5aa9d9299460bbc8c95f7d8d23f907d34ab90ace509ec13f3563ce5297512
-
SSDEEP
12288:Ci4g+yU+0pAiv+svUECX2zJcN4CDgggGYrZn:Ci4gXn0pD+QPl6C3gKB
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_06c65f7976ef17e8b18d318d163f2eb7_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_06c65f7976ef17e8b18d318d163f2eb7_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\70BB.tmp"C:\Users\Admin\AppData\Local\Temp\70BB.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_06c65f7976ef17e8b18d318d163f2eb7_mafia.exe 1A9DB44176E1333FFC46160E57B5F5EDB37D6CF15581269D839B307FA491C17BD1BFF68623461F3ED86017D4C02554A1E0838C65E318F4155BA52ED6A14838642⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD541dade9f7c7fb1ad6888d8555eeaa371
SHA12391b387b90586ba179bfe18ff59b34f66b8f1f5
SHA256b54e9c7d0a39a45580b31af4ac6d184e6b1d7478ef2f2fdf2429b6198bd024c2
SHA512ebf3f136201edb0ae4b694dde3456335f7a4c308eb5994d1048ae00275e5ec2bb99cab2ffae9dec49ddb0de71d08f1378b67278ce41063bf75b1a86a01b7dfa9