Analysis
-
max time kernel
137s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
27/01/2024, 10:23
General
-
Target
2024-01-27_11ff46b82a620b761e4be8b0d20c72a6_mafia.exe
-
Size
433KB
-
MD5
11ff46b82a620b761e4be8b0d20c72a6
-
SHA1
560fccaa153b48306ca485a6b94f685a24397e3a
-
SHA256
b4e1b26c7d8160f516f48999b6e445d0d1ca1040e3267830d4ac71f67dc14160
-
SHA512
9716e401ce5ba87ab73804a3910e9927c18aba6e227433bc7bb3cd59685754c90de4fd729c333e052d628b8af186491f8d431d1e294273377aabe206dc2279a1
-
SSDEEP
6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtvFJ9Nua+oJGP31GFvc5OYrZdc6F3vn:Ci4g+yU+0pAiv+TRfy1Gl8rFfn
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-27_11ff46b82a620b761e4be8b0d20c72a6_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-27_11ff46b82a620b761e4be8b0d20c72a6_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\F1E.tmp"C:\Users\Admin\AppData\Local\Temp\F1E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-27_11ff46b82a620b761e4be8b0d20c72a6_mafia.exe 9D7FF7E6EAF30FA4C98214D2AE03CB001AD989912B9B814E01FAB2BB03B507521FDCFA6C1A385CAB4522CA209C7BC9D880CE97AE7442C7D448B1B19EBD5935022⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD50e188f9198d165990d822a01ee0d60bf
SHA1e6c8261bc5beb9510f73bafe1c54221bfe35e47f
SHA2564c61a432ce603f22446532cbe42005d5f0d0ce5c56bc9b4fe38f99cfd4abf9f7
SHA5120dc09ae772454e470116d84206eca1b20729ccb7cde32279178d04282ce02f91950645adb2a6c1c128ea10b6fa42f51b746479824b3b15f9a790434d899ef7e6