Analysis
-
max time kernel
143s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
28-01-2024 21:47
General
-
Target
2024-01-28_9a0bec090ecbf8cf9394c20d6bb9508c_mafia.exe
-
Size
476KB
-
MD5
9a0bec090ecbf8cf9394c20d6bb9508c
-
SHA1
db76c7fcdc5e5adc7714c9f89efbfa95888cf92b
-
SHA256
b69f8b13f6c348c8e431f3596a4583d58db500cd9a166f7d3ccc165ef0fa7054
-
SHA512
7e7a621e49be62f97faaa261f08424489812e64b2441835027400c4a1f2756a32e5f6c9944b0706341057616535033ed779a7684062a45ce466961dd0a744119
-
SSDEEP
12288:aO4rfItL8HRkT2GgzuvR7pW8DTp4LrUanldVih7K9wlsDpVFd:aO4rQtGR2lfTpGLnch+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-28_9a0bec090ecbf8cf9394c20d6bb9508c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-28_9a0bec090ecbf8cf9394c20d6bb9508c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6234.tmp"C:\Users\Admin\AppData\Local\Temp\6234.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-28_9a0bec090ecbf8cf9394c20d6bb9508c_mafia.exe 76439F20B1E2B4778EB3834FB6FB80B808B99E9BEF49E88433C61528C7AC3841B42C6F95D8BFE68E50B0C5636C10CC3B920BF2A3005B6534F59E13EC0BF90EEA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5121e34ab0525d1dbdde6f79c803bb9dc
SHA1becc035640399418b2aac0d0f63457b209094fb3
SHA2569ec38ef54afe7a847f253a73bf39cc18039333c85b27e80befe4b1df22c356f7
SHA512b73f951920e92650aad486d7f594c20fbcc4d5b37c44ef33c09fe72519e5b29da4e11d0651f67c222ddb8c0c70b21a67e1c7d6d545e62ae224ae21e48ba61f40