Analysis
-
max time kernel
143s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12/02/2024, 14:03
General
-
Target
2024-02-12_f00485a93c9eafd51f027864e649a175_mafia.exe
-
Size
479KB
-
MD5
f00485a93c9eafd51f027864e649a175
-
SHA1
246007137fbb9a69aa289e5bb034e2d961c7cf30
-
SHA256
38ea1aec12ad8b73fb290076859ed44287365092eb7cb00412a763a5ec4df4e0
-
SHA512
ef8f1a623118ee7b5f2500edf90a2c2aa9ea5de6617f42896f85f83d559b0030138f8d9d6b62b2367b3b6ef8e62c38f7b62f53da56f4c8d19c4e3c3774fcef79
-
SSDEEP
12288:bO4rfItL8HAebTWO3nVci2Wiyf1nAFlVTBaKje75UO:bO4rQtGA/OF7dnAFlhBaHVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_f00485a93c9eafd51f027864e649a175_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_f00485a93c9eafd51f027864e649a175_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6BBA.tmp"C:\Users\Admin\AppData\Local\Temp\6BBA.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_f00485a93c9eafd51f027864e649a175_mafia.exe FFFFDC89A0E628B56CCD61F13648956230F5FA22DA1DD9D9DA5EE4A6DC99981B1E233C6E70E6402DDAE745436316C4607ED98B3F2C3D50D486CEF6B5FCA059892⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5ffa5657a1e822e1cf29021fafb330a10
SHA1ae6a21cb65cfa4a3393997752660f5a3fbbfdef3
SHA256f4e98c881fd3d771f41276da27cdfc825e34199bfbe49bd940b5f08eeff84a9e
SHA512c8b457492a5395c2727d8f25892c1e86da65fec178102b5a11e3aa30429bc5f5c1047a31f11fe7fde0ddffc04276413cc44f683d567d2b6d3a7aae8990689c2c