Analysis
-
max time kernel
135s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
27/01/2024, 09:47
General
-
Target
2024-01-27_caba7db2d2510351fe0033c2ceab0734_mafia.exe
-
Size
473KB
-
MD5
caba7db2d2510351fe0033c2ceab0734
-
SHA1
18f12e0143d5fb3e8eaf310b3b9675bfa7e4b4c6
-
SHA256
65e5f7bdb91a0be9c3f16d3a7f37e8cdcef06981532fbc2c62c6c56b71e57c14
-
SHA512
d7dd69ac6dd9153ce74c7cc71b4c6af37d08791f9dff3819365cc6f0913f6542335ed35a7116e7de8edb62a4b1980c23734b1dc913db2a25973a3582c4ff0190
-
SSDEEP
12288:Nb4bZudi79LNe2rrvtQyg67FBeD+TPKlMA0a:Nb4bcdkLk2rrvtk67FB4+DKlX
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-27_caba7db2d2510351fe0033c2ceab0734_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-27_caba7db2d2510351fe0033c2ceab0734_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\51C.tmp"C:\Users\Admin\AppData\Local\Temp\51C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-27_caba7db2d2510351fe0033c2ceab0734_mafia.exe 0E541542E1EEE2FBBF7FAC5510572474028F589C22FE241267282CF2919E5BF950DF89E0483BE3B5FB28B50C59A8798C893DD0F8CF8734E4262F5D98E4E6913A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD54ee80a3457936f0827e84c80ee116fe5
SHA16aacc1edae176296d887d16c39e54fdf76f4d9bb
SHA2563e3cc6984f55236f25a26d03571698465e33766319063f30e68edee4c9be98d0
SHA512b5408a5d037ec108c9cc3bc040eca46cfe9b6059785ae57e3f959f95b1c7030b29d870b674be918058fe0154f518de6cb8fc8219a38e38e409f5b23b895e656e