Analysis
-
max time kernel
93s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
26/01/2024, 16:24
General
-
Target
2024-01-26_39e4c85b142e17f975d9f163b9d330ac_mafia.exe
-
Size
444KB
-
MD5
39e4c85b142e17f975d9f163b9d330ac
-
SHA1
2e2fe0dd05528ea846e775cf432252f6bb59009c
-
SHA256
347c7e5978c4a7198bb1b560b8d8da5162bb7318edcb8493808febb61fb04c37
-
SHA512
c1c0784cdd40575bf83da2e11d502d5383771eddc8b9051457968605cbbed46b6e8f0cfb2c47bfe3c6a428caa85de5c543a67a536e7bf3c2b921e178a441ac84
-
SSDEEP
12288:Nb4bZudi79LqrFBYrZCI/C377x6k+j3sB+HA:Nb4bcdkLqrFCgPx693sB
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-26_39e4c85b142e17f975d9f163b9d330ac_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-26_39e4c85b142e17f975d9f163b9d330ac_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\514C.tmp"C:\Users\Admin\AppData\Local\Temp\514C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-26_39e4c85b142e17f975d9f163b9d330ac_mafia.exe FD9A5FDE9A173CEA02033ABFE5FFDF90E52B849222BCDEB4EA47646CA355E5FE382B62FF2E53742031F75D955E82B567682C5D92F415538896078466AF11386F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD55f4f2faed77aeb406cff6e7247a28437
SHA180962f8c369c6961c066971a0e0ac45e42dbd65d
SHA256eb7b5091b9106f5005c905f3b794f0e4c83e2ba0ae4e5eaf8f47cbf3078247db
SHA5124c4427beb32b415a651c7ff4c3299fd7db6067548051f4622668b0cab536fcf21957bbb9cd1a4b371b81c9b1066137730a6d6896d768462017d60281d0ec8437