Analysis
-
max time kernel
152s -
max time network
159s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
27-01-2024 01:31
General
-
Target
2024-01-27_cbfddd77264759b357a32c707d1826a2_mafia.exe
-
Size
428KB
-
MD5
cbfddd77264759b357a32c707d1826a2
-
SHA1
9ca973c349ce0b2f104b6790c27a2532fdd3c1b7
-
SHA256
d4a5496b596ff6d160ee6756e320ab8bccf68bd2bd7cbdf085c68a52d2e39b3f
-
SHA512
9327246ef46671bf3cd9bf244becf1410b246091708879251ad5a1ab3713916e5ccafeda7a1558fa19d8500db4b119a372665c14f8b222ba420f83e010d73222
-
SSDEEP
12288:Z594+AcL4tBekiuKzErin929Sov0KSnQufl:BL4tBekiuVrinoSBIuf
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-27_cbfddd77264759b357a32c707d1826a2_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-27_cbfddd77264759b357a32c707d1826a2_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\80B9.tmp"C:\Users\Admin\AppData\Local\Temp\80B9.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-27_cbfddd77264759b357a32c707d1826a2_mafia.exe C71DBD4BABFCCA9A83941F88CC11C489F043A23ACB3EC24AD54866C11B247474933DF73CA319E1A9B4558E8348051B5836DFDACA0BC1687DCBDBDCD7A88B05B52⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD564d2bd97241830712fddc3cfb0b50449
SHA1b060e70a1840c3f45672f4059c87cec309ade3fd
SHA2563a9c4bec7a6e8348e60c2aa61a24ba790ab741476e94673ba2ba9a9923a9a738
SHA5122a54709b537b571c5208e759e8797f797273f31a0fe802587c70d47b4f5a99ccde1efe740f5954cc0317ab63ea1f1fbcbae9b3fadf246d10657155e543645abe