Analysis
-
max time kernel
141s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
28/01/2024, 20:37
General
-
Target
2024-01-28_ba69bebce0d51ace0049650a59581599_mafia.exe
-
Size
476KB
-
MD5
ba69bebce0d51ace0049650a59581599
-
SHA1
43e99c814a974d6d44ebce74d90e2be335948080
-
SHA256
3fdfa2eeb915835202c1e8c99b809e0fcccfc3af30e7dc295030bca67447b2ed
-
SHA512
911e48b03d62c0465e6c2a5640e6ed3d759e92ddff97bdd65005a6fbbeccfcb52bd7e9f1246f6b86c985c9a9cf00bf53d247e74af9f509381b2b4d787c514e3d
-
SSDEEP
12288:aO4rfItL8HR0bczcQ4L0dBpkdRgTVbTvZieNakq7M97K9wlsDpVFd:aO4rQtGR0bwcQgm4KJ3NgM9+9wlsDpVT
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-28_ba69bebce0d51ace0049650a59581599_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-28_ba69bebce0d51ace0049650a59581599_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7E29.tmp"C:\Users\Admin\AppData\Local\Temp\7E29.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-28_ba69bebce0d51ace0049650a59581599_mafia.exe 92E3A13176EBD597625CE527FE17AE0FB847FF43F479B663F96668A7DE26E0DF97FFCA6FC5AEBF53D66FCC6665192943D996C4CB41AA5BD7B43B9FCDB334980E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD55d425f9b22b5f3f3fd8a8bec4201d2d7
SHA10b5e32673da48ca3e69c41b2b9a40e3ef6734077
SHA2566ab33550293b3fbe757e62b5f8510750b77ad925d9702f408141eb92d1a6e53a
SHA5129968fcfa4d1404cb4b9a61220f6d656a973b086196675bc81526d7987ad51f8a4d81e6092abc73ffa42f28fdf1caeb554747c9647f22d253c90ca9577a4031d2