Analysis
-
max time kernel
142s -
max time network
160s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
03-02-2024 08:32
General
-
Target
2024-02-03_74b4e295e65275e5b1ca56e58994d057_mafia.exe
-
Size
473KB
-
MD5
74b4e295e65275e5b1ca56e58994d057
-
SHA1
587e6e100867bed5052f7fe337d902bf995eb503
-
SHA256
4b4768db44d3f50f7d7554a529811c56e2bf899179a50bd1388b61dceab1b9e0
-
SHA512
b99315a5093fa44b1d7011eedb1865fa0fc727e98db49125ab4c8d20a198d7e86f72fb434a36f0bc433e01285a22a93a052deeb09984b492f221caa4901ebd41
-
SSDEEP
12288:Nb4bZudi79LZJABjs9brUciQz8oc6/cA0a:Nb4bcdkLLMjarpAocen
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-03_74b4e295e65275e5b1ca56e58994d057_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-03_74b4e295e65275e5b1ca56e58994d057_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8637.tmp"C:\Users\Admin\AppData\Local\Temp\8637.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-03_74b4e295e65275e5b1ca56e58994d057_mafia.exe 3D963A59F02ADABA24783C88E64A4ADBF1B207220EE132392CC89B32EC1686FC8B52F863F5AE6326764D973815860DBCE1FEDBF252E1E3E05A74DB837304A4962⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD5558f4cc927e2aaa463e4cf9881c88072
SHA18761dc2499cfb8c2fcfcf54b8e8bfbe5582a1e20
SHA2560fd386fb34b75e6523cc37c8a40739dd839aa0e3a95ec3f9d021cb886d379620
SHA51297376dc5dc2c615047842243e68d4975df9af17a0766752a7665c67985bc1c530b133acf9cb0a0b863a452a2cf76a779a48b6fd7640ab9dd17707f3529d93e7f