Analysis
-
max time kernel
141s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
27-01-2024 10:41
General
-
Target
2024-01-27_bd86752d5472de2200eb0aa258e6d18c_mafia.exe
-
Size
428KB
-
MD5
bd86752d5472de2200eb0aa258e6d18c
-
SHA1
4c7bf0f089897a52e05da876024c368931c66848
-
SHA256
c0b21bcd07bb57f2160f01d72755c15a5dae3d699d6cc6db75030a5494a70a50
-
SHA512
f76fcef97d591d62b365cc98e5a0a5e417a4944a3cbb2c1cb2c5ef9e0f84e9835388ff706736e127121c9dbe831fee27cc5b87e0523dbefd82677ef268d9e00f
-
SSDEEP
12288:Z594+AcL4tBekiuKzErsFrePcZABZbKoTaDBaO7aXp6fG2l:BL4tBekiuVrsFSPGCZuoGDBaEa52
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-27_bd86752d5472de2200eb0aa258e6d18c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-27_bd86752d5472de2200eb0aa258e6d18c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7EC5.tmp"C:\Users\Admin\AppData\Local\Temp\7EC5.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-27_bd86752d5472de2200eb0aa258e6d18c_mafia.exe E20C5B0EE04255F126E61BECB44CCE151B076D3B600CBD8B00810E9CC87D751241FCD11C43A2CB3FE78EA537768099A1EC07CE7F39308EB7701AB830D686490B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5df31ee2a34dd06c5bda64e4193c4e351
SHA1fa64240b4163d97722bbf822ac3376593b281c00
SHA2569f366f1f87544733bd102add15256aa0a6e5ca1689a5eb27775f9c16d744b26a
SHA51285aa8b24ccc27692021066735c4634106ba7176a18b37424846eabcecafd4bc20119eaca5613280c00f493b949729700f5f8efe557720aecd16bb1915bb12dd4