Analysis
-
max time kernel
138s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
29-01-2024 05:23
General
-
Target
2024-01-29_097f91e7b55604c4aa6bad77a5a0b124_mafia.exe
-
Size
476KB
-
MD5
097f91e7b55604c4aa6bad77a5a0b124
-
SHA1
6a565646bc22fbb41d64dec127e27f8fccb2cc36
-
SHA256
eccbd08c459af9c19a68cacbe7e4fc3dc518199ba7f05cc2002a4fd64fdbbb18
-
SHA512
03fcc3125312ba70b18c10d7302178bab201755108e64e344b59e5b10f182219998e674fe980b34008bff53b9c138c47c3f7fbdd507cac492bfea6da5f559cd3
-
SSDEEP
12288:aO4rfItL8HRTgyEnk2d93b5y3yAc4FS27K9wlsDpVFd:aO4rQtGRgB39bAc4FS2+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-29_097f91e7b55604c4aa6bad77a5a0b124_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-29_097f91e7b55604c4aa6bad77a5a0b124_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\F695.tmp"C:\Users\Admin\AppData\Local\Temp\F695.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-29_097f91e7b55604c4aa6bad77a5a0b124_mafia.exe 54152E655684F4EDB3F6C79DFF971071CF349DC992F1D0E8B17B1F6884A28E23C53592616961A73D1DD7506296C635BF4AAAFE2FA43ADC57E9BB1657E6E20CA22⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5af9409f93b35357db9088a0a4b3730e0
SHA1995b7a43a5807ba8bf0e44a2be16e3f765428686
SHA256494cc32ce120990de0b43e0e57bb45b481a6769f4479c52b72d04e72a403a97b
SHA5120e9af9c3e6961875b07e4a60928b03280ad65c276234acaaf776d7d50e1351ee72bceec7c2f209eef9a2fcef0cd82af8183303b5225f11a7c8cf3f0a95fb02a0