Analysis
-
max time kernel
94s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12-02-2024 03:44
General
-
Target
2024-02-12_1c76e53b36f03a7210b1f9c05d99d4f5_mafia.exe
-
Size
486KB
-
MD5
1c76e53b36f03a7210b1f9c05d99d4f5
-
SHA1
61415b8ed70e2d878780d625c7fb132d6e5dba49
-
SHA256
c08b3e588d8b43905255afd331bcfe8edb98ef4fe1c567ef24546a525b6be96f
-
SHA512
2dd213683e63c0a480f6fc5dcd9a4a49854fa639f27bd2ce9ef638626b2b1cbaf5125ade4aff7f7b0a4015b71eafca89ca0aaa87814f6dad178bac70a9494e48
-
SSDEEP
12288:3O4rfItL8HPCxroAtWauIDlNzEq7rKxUYXhW:3O4rQtGP49tWatDlNzV3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_1c76e53b36f03a7210b1f9c05d99d4f5_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_1c76e53b36f03a7210b1f9c05d99d4f5_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\40E1.tmp"C:\Users\Admin\AppData\Local\Temp\40E1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_1c76e53b36f03a7210b1f9c05d99d4f5_mafia.exe F87781808B1BE10D7F59C078FBD5845C13C6EC07085D7EE7B795CFDA41E0441540E7942A001F14483B9BB4FBE3265C172F91476AE8EDD2BA39FAEE536F3D626A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5215dede8d9f9c04cc5dc05bb077b9827
SHA13a24c209511f1cc568c639cba4fff721346374cb
SHA256cabdde7c9b7ba81a89becdd1b28ab703343f1852530079597e35ac2e6d80f7f4
SHA512162844c6ba72d11fab302c7552ec0ab7a26edb1992b3ea2a56d39ad062d810dc2aed472a84e3d69f36c01df9d376bc6ec4c4ee99e1ea456be330fc268eaa11c2