Analysis
-
max time kernel
139s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
02-02-2024 20:25
General
-
Target
2024-02-02_4e633e7ae581f1ed21d424ec286674ff_mafia.exe
-
Size
433KB
-
MD5
4e633e7ae581f1ed21d424ec286674ff
-
SHA1
a23d87121499b05a812a74b9c2e4fa0db3faf0d0
-
SHA256
76da24151f0c36bd5982096ab4fc880df5ff4351a101842f0198439b772a3818
-
SHA512
9652fa0ccfaa898d06cf510d6c798c95c32202f16c3aa1ca4d1b667a751aa69eaf360ea8636466511d1bd8560d92afd6a1225ab6f2ae0c1237b4b9bb5c935e61
-
SSDEEP
12288:Ci4g+yU+0pAiv+LFvcxE3g+FVQQlx0m0pQsKSb7RPn:Ci4gXn0pD+tcT+FJL0Os77B
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-02_4e633e7ae581f1ed21d424ec286674ff_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-02_4e633e7ae581f1ed21d424ec286674ff_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\B45C.tmp"C:\Users\Admin\AppData\Local\Temp\B45C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-02_4e633e7ae581f1ed21d424ec286674ff_mafia.exe 7AA897BC3F5AF0B998CDA5978C714B1ABE54A2553124B84B7254123F6DF671128D52512967E893BBACE3141DB9DD2C981C914BA66255FECB32A4EBC37F57CCBF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD591c2282d20f771aebab3043559fbf280
SHA14719c7db5df3fb598184b0546f8752b2dae1aa8b
SHA2569cd5d8470cdca055e89d82930039dc606b11d043cb8474494e2a9b4a3ea9df96
SHA5123fa9d5234ac6b20e8da0a309ace862b7b19a628027e21b819c7e6f70925329b98d0b5b8d8980e1ecead902c7c47a714cfe3e0aaf965246f8fdaba6f08731cdaf