Analysis
-
max time kernel
91s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
27/01/2024, 11:39
General
-
Target
2024-01-27_b83a4e5722f5f917a9acfa2a586cb2f2_mafia.exe
-
Size
433KB
-
MD5
b83a4e5722f5f917a9acfa2a586cb2f2
-
SHA1
2e6e7b3b8fb892faccd597dc9367347763a4632d
-
SHA256
050cd0c29701e02d176ce0368f16a497770660cff40facfbe80d426e01cfca12
-
SHA512
647eb12a5f6bf92f264c0fc6ea29691fa5e060a1ede4488a90d7860e726fccc3c9781f2127a10415f7fe69fd971a9c9ac7ff9bd1bafd356ad179d2dc0ed8762d
-
SSDEEP
12288:Ci4g+yU+0pAiv+r4OsH28HBZtQ3rhISHAXFsiCbn:Ci4gXn0pD+r4OsWs2r7HAX8
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-27_b83a4e5722f5f917a9acfa2a586cb2f2_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-27_b83a4e5722f5f917a9acfa2a586cb2f2_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4371.tmp"C:\Users\Admin\AppData\Local\Temp\4371.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-27_b83a4e5722f5f917a9acfa2a586cb2f2_mafia.exe E703348E2EC05601DBA50D831C28AB6E9BA8FF1419ADE752E5A79F1A49C3B4265A83F6C7C2CBAC13B6DD046AB387A08A6F553913E4EAE7BF670A0A535AD352332⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5faef17f2a772c951689496a5159aabf0
SHA1e93df20b924ee086371b3cc6d8b581a0de17ad17
SHA256cb40dfcdff94edffeceb342845154061658e301f1b05e25d9ceee8a912f26b1e
SHA512f38ec0ba2b0c8ebd596fa86a1f2eca330ddc0992d7a2b0ac996fd148ef919212e5dcc28c4fc98758b3c8ba66f919f5627b8162db0582df6e5f96b02095c748bd