Analysis
-
max time kernel
142s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12/02/2024, 11:29
General
-
Target
2024-02-12_34bb3bcfb2f942abef78b0d40efceeb5_mafia.exe
-
Size
433KB
-
MD5
34bb3bcfb2f942abef78b0d40efceeb5
-
SHA1
ae9c09cb3d2152ae6b1cc0b5b89d662b34bca8b5
-
SHA256
8daac9aef9df3cda3c968673fc4d1d29c96460ed9d6ab581e361e111567b834d
-
SHA512
4febad863e9ae29495567bdd4d975f72a14071885fe4f07c53d7ba0c7219598da8e6349f19a7a73effd890b0c6bca320c0f112ed9bd453ed8ce1dffa7b5f609a
-
SSDEEP
12288:Ci4g+yU+0pAiv+LniQXqkRJanL1ArY3LE/aJUKx32uin:Ci4gXn0pD+ONkSL+rqAA30
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_34bb3bcfb2f942abef78b0d40efceeb5_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_34bb3bcfb2f942abef78b0d40efceeb5_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8C13.tmp"C:\Users\Admin\AppData\Local\Temp\8C13.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_34bb3bcfb2f942abef78b0d40efceeb5_mafia.exe 3089524086AA5AED92635250855516BDA71BA797BDC8EBD91739065F7F6CCF07469361FE4149F1255A293298C1060BEB4FB4ED62128424FAC712B54952052C4E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5b84d18bc82e6c52b812317ff3729f1c8
SHA1f9cfd55da29d1f265b0b3d3b81eb75c21e51d3e9
SHA256c0f8d4642f473f513a305a6ead2977d2e78803195b4d1e2890a119082309f8ff
SHA5120ab3aaf43bd690747f05622036c942ecd0c0360a84936d46f009980fe46273059df1a2c49c6f7a2f35859f1ce6d946c32f39355b4ed1791308f4ae9aeaad37a7