Analysis
-
max time kernel
144s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12-02-2024 17:55
General
-
Target
2024-02-12_ec1c9103d00e35d978e176e46d648501_mafia.exe
-
Size
433KB
-
MD5
ec1c9103d00e35d978e176e46d648501
-
SHA1
45451f52098b7715f5637cad8917b91956c6de50
-
SHA256
4337bec194b778c60a4924e7071984a15e993e3874ab6d6e882e15b383f5e5ab
-
SHA512
01f922dceb7fc51c3897f362484ca04c8b1916d6f6e48fc8aa4239e1066059b2bc073e934688da73ec3c07cb0262e8febbceec5e63f651e9c3ce914fd35967f4
-
SSDEEP
12288:Ci4g+yU+0pAiv+LLeZpJupoolr1BQZ4WL3xbfBTE95Bn:Ci4gXn0pD+LLWWpZlrvQDdfBTE9L
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_ec1c9103d00e35d978e176e46d648501_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_ec1c9103d00e35d978e176e46d648501_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4834.tmp"C:\Users\Admin\AppData\Local\Temp\4834.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_ec1c9103d00e35d978e176e46d648501_mafia.exe 7B202C589C5ADCD295B30051FB7F0F950F631CFED56066C544D77C78B967EFA36E6ADF00139B65E437FBE514E202AD65B7C12568BDEFCF7F820D523C0A14C82D2⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD598ecf59d5f27110321b0a35c781cd3ce
SHA13140fd6c5107fcb9a596132f870941f80e6ab5d0
SHA2565f1cace4bd668061b2e80bec6f1750522fcfa321c3f141039df628f4870bbb03
SHA5127911ef379d71dd781ad431d7ba3a76961af5536e25a1e16430d500ad25e6bbfdd76033830aaecf6788409685c20dee34b4b4f4403a2f952aaf8d2ae6c2dcd13b