Analysis
-
max time kernel
145s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
26-01-2024 00:45
General
-
Target
2024-01-26_2da6bb545cd3b5a4c5f57a5b346a5c16_mafia.exe
-
Size
444KB
-
MD5
2da6bb545cd3b5a4c5f57a5b346a5c16
-
SHA1
94b2f7b4067d2ce50ce3579821c856172aa44b1e
-
SHA256
460a9ede72e1bc512e1be9b4639f00b08f7e93b43ebc8c92c0a2f51f2b477794
-
SHA512
83c2f0018579b716a2237eb6dad2feab53b10a2619dfb21501cdd8538c8112fc187e4e434b5eb1f7fb0559e36cef3c9f94af1c341a907d377300d0f9821dde8f
-
SSDEEP
12288:Nb4bZudi79LKy19TyXFl4ryFER9IUbZoBA:Nb4bcdkLKy7UFAyF49I8
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-26_2da6bb545cd3b5a4c5f57a5b346a5c16_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-26_2da6bb545cd3b5a4c5f57a5b346a5c16_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\55D1.tmp"C:\Users\Admin\AppData\Local\Temp\55D1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-26_2da6bb545cd3b5a4c5f57a5b346a5c16_mafia.exe F142F7344363C55775B09389E0D8D7984D1B8BFF5E7F809F8EA40B7B62FC6AA84B36ECC9C8059D4AE1525973378B90710109BA4B535726B8DBB3E0BE1B19FF912⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD589ff37f087e607a1f8b9a20373acd7b9
SHA13bfc077d7828b1d7c9b48c78d2ea2aaa1cc2ceb6
SHA256b3c1aa1f98a6852593b3efd67f31feac201dcf1960bf6f500b55575321d96471
SHA512ffae7f7294046ff16606aea14f9ccc4a137203df025cf59e0b3517240bbaa442570676422dc72410fc92d56e70fcd809898e95ab66afac3bbf373d80b8f5e11a