Analysis
-
max time kernel
145s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
28/01/2024, 20:36
General
-
Target
2024-01-28_b335d7e69420783ebe7054063c7f4ab7_mafia.exe
-
Size
479KB
-
MD5
b335d7e69420783ebe7054063c7f4ab7
-
SHA1
747cc5572ddf17a5499dd7517c4cc16b2108c48a
-
SHA256
aafeb969aec9013a3434de933a62895d16e2e4537ec7f900783420b7f736c6db
-
SHA512
8e293e9766b9c0365dcd8ba45728f7e0693f319088ca529253003826e80e437a97e5ad70c527fd15feaddaab1cb4610004a5a6746e07368006f0ea0ad3b2acf6
-
SSDEEP
12288:bO4rfItL8HAdN+55f695vskR9WRSg+sJ75UO:bO4rQtGAdsK9pNERSyVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-28_b335d7e69420783ebe7054063c7f4ab7_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-28_b335d7e69420783ebe7054063c7f4ab7_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3F99.tmp"C:\Users\Admin\AppData\Local\Temp\3F99.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-28_b335d7e69420783ebe7054063c7f4ab7_mafia.exe BA1D85A10CD55695506016B5220D07FC1E30F5B15BE7C4CA5808802D68133620975D0664A9581E7D5CD310EF37082842BDB52209C29835C366F46D675532DCF12⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD58ba4cacd2e0960e9c2d1f316ea55b3a5
SHA17024cc263d74ed091447f3951d3ab92c3ba2eae8
SHA2563e633107c0d26512c3bb8dbb36f6aa2de22233877cfeeb90df6d864b4082b881
SHA5126cc80a7448a21c1b3474be7794469736c0e11257fff60131382c190411fa89566d9e8e4111e9c9a3c48ece7b2e5c908c410aef9d74177a94295325990c7ac534