Analysis
-
max time kernel
90s -
max time network
101s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
03/02/2024, 23:25
General
-
Target
2024-02-03_52f21609b4a169b072046fb755c89d32_mafia.exe
-
Size
486KB
-
MD5
52f21609b4a169b072046fb755c89d32
-
SHA1
05f16546f306e117cde598cda99c7f3fd9dc863b
-
SHA256
5b88e0349420d71787dabd457647664a51599bd6523ca90f5548f087e3ca33b6
-
SHA512
bbcf2caf8d54413b442e39dd061deb9a0264a9971c0803ef084b4da52f8c58ba31ea755d5173fadd6c92e05ea14e7db5b0af6d8f2065f9c9b773aae11df09723
-
SSDEEP
12288:3O4rfItL8HPGbhj3HqmMNmA2AGFS7rKxUYXhW:3O4rQtGPohj8NmtS3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-03_52f21609b4a169b072046fb755c89d32_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-03_52f21609b4a169b072046fb755c89d32_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4E20.tmp"C:\Users\Admin\AppData\Local\Temp\4E20.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-03_52f21609b4a169b072046fb755c89d32_mafia.exe F3CAE0B29C267793A67255B8D9CA730199AD4C3A3739BAF6AB08E7334DD3D6068A375A632B917F14CCFB2A4B57C4026EB0F0C407918D17F4032E5884B4FCDBD92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5218f5a2a915b34eb4561889ba4a3c255
SHA10cb6f769e1710c4744fbbbfa9c3ec4bf745478ca
SHA256d9a874bd3551cdc6225852ba8b51e507d7f1682d87a5885a9fb618c00eb7a57f
SHA512f03f4313ffe64bb2fae1ecab27740135db401581e2d03c3207f81f29af3ca0f06d4fa850c7e12bffb3c0f143e0fea95907654b4e012925d805481485b362e88f