Analysis
-
max time kernel
93s -
max time network
105s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
03-02-2024 09:37
General
-
Target
2024-02-03_c8a36c6e8bb92d5ec961f276ab2055ce_mafia.exe
-
Size
473KB
-
MD5
c8a36c6e8bb92d5ec961f276ab2055ce
-
SHA1
b6189f2e82c28ce79e6d7ff529a33cf3a4ecf773
-
SHA256
23eafc9ff23688219bc8ce660234215de3207c7e550efcf8cdf14265caf31505
-
SHA512
bf81b22a5b42e87d4e0d35a04cc4699c4229cb7f93fd99561eb6f40c76701c211e4fbccb5f7756152f9dade71050612cc5d69fc87b34df4efc26a7486db3bba0
-
SSDEEP
12288:Nb4bZudi79LXn6OVpDOIjDi9LK38P/dyH7YkO6kAspO4eA0a:Nb4bcdkLX6OVpZGLeU/gH7XE/O49
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-03_c8a36c6e8bb92d5ec961f276ab2055ce_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-03_c8a36c6e8bb92d5ec961f276ab2055ce_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4798.tmp"C:\Users\Admin\AppData\Local\Temp\4798.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-03_c8a36c6e8bb92d5ec961f276ab2055ce_mafia.exe D3F200FE2BDF268CBD655EBC29DBE372E621FF6856A4697581E8EAFC429BFEA35720A04E10290E3A7F1A6225BEA40F606D369637EB2E4947AFFDBC85B06CED142⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD5bb25d7ff52036326a7eac738dab39956
SHA1fc95d5cbe123db569d47efccbb9a6e4a747affa8
SHA2561fe2a3b0c90982095921c65c6ed965f7b464dc261de7fb332fe8226dd90cf937
SHA5127458427a540907924f7a5e3c9061eb3914ba3e93458a7e603b595b9eb766fbe0cb076871230b6df4f97a9da2fa35674dbf9f3df8daf9ae92681a106c5140050d