Analysis
-
max time kernel
93s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
12-02-2024 17:46
General
-
Target
2024-02-12_aa35ae2289ccf38fc606473029ea046b_mafia.exe
-
Size
414KB
-
MD5
aa35ae2289ccf38fc606473029ea046b
-
SHA1
55960c07d2c47c0351165dd433737236d2a29c20
-
SHA256
cd51c70210ae0b34667ca577f883eb6af1a84f20b4a178711852ab0c3c00a106
-
SHA512
3bfaf4fa7bc94310720c7a694511c8aa00755cb3840a29f95372d0f796f080667bf275cf1b3fcdb02f77f86e1fcb777e08b95af02520c6879c54178d8234079d
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BYpFlERttS2TqzOrY/TdhKn9iKjyqWgGuys81l:Wq4w/ekieZgU6gE82SO8yUg0Hu61l
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_aa35ae2289ccf38fc606473029ea046b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_aa35ae2289ccf38fc606473029ea046b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4546.tmp"C:\Users\Admin\AppData\Local\Temp\4546.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_aa35ae2289ccf38fc606473029ea046b_mafia.exe FC5C99B9BFD8651AB3838C2222B6315A9D117C9EFBF6D4BF91D65AB95AC39AFF71B800626AF6AEA97B565E0151E75AD0A4A4F045F3A8369AD8F0F0BA201ED15A2⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD5fc753d8dbb60ac167936d20e3611639f
SHA1bfb22dec8508c10cb652c768d98083b51e1ec7b7
SHA256e497d3752d0b0909903b3a42827b9550791fd8b10a5899c62a08ecffd5a489f1
SHA5123f36ae3f25fb64d2a22d7760e92e66897fc16f001d4b4cb017b66af0c34dc9400638859db2aacffb06c1d2b69ca3768ff201005c85dca5cb60cb320ae7b2a529