Analysis
-
max time kernel
127s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12-02-2024 11:53
General
-
Target
2024-02-12_e7eb2525d34445c3ff442e7638f7580c_mafia.exe
-
Size
468KB
-
MD5
e7eb2525d34445c3ff442e7638f7580c
-
SHA1
855cf2de857649046345c55eaf05374885f30409
-
SHA256
55a211d8d08fc4a6c0283cfe6899c3c8f1830b58870373f0a7e892785fe32664
-
SHA512
ba1e61fac3849e3e124011bfbc220fb9bf69e0304641ac50bc9e976117f49b05f0b2ab9d4ba6663a55fd689cec30fba5fccbb19882d7990cdff09441dfa4b401
-
SSDEEP
12288:qO4rfItL8HGwtscWnSOnq5sjGo1Z33je47bWmeEVGL:qO4rQtGGMOSD5zcZ37umeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_e7eb2525d34445c3ff442e7638f7580c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_e7eb2525d34445c3ff442e7638f7580c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\40B2.tmp"C:\Users\Admin\AppData\Local\Temp\40B2.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_e7eb2525d34445c3ff442e7638f7580c_mafia.exe 1283029247DD28AF59E3BF77ABB7BEFBB6E7358B051FF2817885F91B729A0F108C75B155EF6BF4DBD938CD6EB601749F232DC58E529B8CB06953E15C1BE23EBF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD51e046057dcde569da06cc9394cff9072
SHA1e3083b8fbb4d1552a1136f46b40aca1a8512814b
SHA25602f44ca17c444b1d3978ae08ebd1fa1f1651fe11abcb3c5a1263d69613dd798f
SHA51252b5767541a53e508b5cd554a5e75b40c9c6895355dfbbcdc57d2df7dbccaa8e2451d58de027a3f29ae7d9fd92b1be9f9928b80bde44e671b0e90c5bb11c03bc