Analysis
-
max time kernel
131s -
max time network
165s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
03/02/2024, 22:22
General
-
Target
2024-02-03_2de0f2e524406d91346e7ebc1c0cbbb4_mafia.exe
-
Size
433KB
-
MD5
2de0f2e524406d91346e7ebc1c0cbbb4
-
SHA1
0b48dd8136e7cd8a3f96281347dabb1186be2407
-
SHA256
46157b5d1b809d32c4f63a2d77b24dbe2288236b891e3cbbba1c0bd93fc1d9ba
-
SHA512
9d8eaf5db7b44f6d44cb368c48bfda985fab80ae9cc281841e5f56b87302745acd475bdd75711b7ad1bfafdeba6080659c2312fda3f4473840885afad0382b9d
-
SSDEEP
12288:Ci4g+yU+0pAiv+vCAZx6tMHUrYeSSmQEuZg/n:Ci4gXn0pD+8tMHUrYecQtgP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-03_2de0f2e524406d91346e7ebc1c0cbbb4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-03_2de0f2e524406d91346e7ebc1c0cbbb4_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6481.tmp"C:\Users\Admin\AppData\Local\Temp\6481.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-03_2de0f2e524406d91346e7ebc1c0cbbb4_mafia.exe 45F810E3AB04CB0424E4455666AAA5CD85856AEA6F28AEFBE6E64F0B6FC7267E5616AF2465E1262AC6420D050568318B407C2B8276BC6EB613ED1929D49E7EF32⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD509a1d1db432eba422a3b170c5f437383
SHA1c76fdb1e3d7b7aae127a9a98bd7748d0d6ad5d80
SHA2561129c9ac8ebdd84f5c05ef8d50bad36ac74f4f9a76b04515c2e86d630ac65a1e
SHA5126f2c7cfb8444db5889054b36dd2c795a239f0359395cb27e9d7781d30f0ebeb617804dbb38ae2233596d0950ee9ff56eb075ed0ceee00593acc28f1fd49156dd