Analysis
-
max time kernel
143s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
13-02-2024 05:52
General
-
Target
2024-02-13_76f33c208d7526f69feff36e5e873b8b_mafia.exe
-
Size
433KB
-
MD5
76f33c208d7526f69feff36e5e873b8b
-
SHA1
380c9389bf19b39f777aa8061fd5036a5dd53202
-
SHA256
74b19f977bd64fec765027d47f093e476e187a0e256cec45d83612bb94e08c30
-
SHA512
d12779262bcc38902cb38ae93ddb99556d5bed43871b77f306791521aade58a22ec2ad33a88a46cf4420e58f7352d7b78c2e9e7116a2b8efa3ca841648eb9012
-
SSDEEP
6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtvuPO4f02ofZLLbJUPandpsQ9vw0UYUowdR9C:Ci4g+yU+0pAiv+8PO4f0nZJU/QnonOn
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-13_76f33c208d7526f69feff36e5e873b8b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-13_76f33c208d7526f69feff36e5e873b8b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\63CB.tmp"C:\Users\Admin\AppData\Local\Temp\63CB.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-13_76f33c208d7526f69feff36e5e873b8b_mafia.exe 6E017F9F865DFA34DCADBD1040459B71C1BB2B7E90D39B291DD1375B9CB19603CABB74E7F86C2EBA98F5546AC1FD601CC0C950059CBB6AB97717E0A123FF4BE22⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5bc185b4eace19190d838328be6bf23df
SHA1b6ef3fd8577baf2f7309049dfaeebaeb5333737f
SHA256c94caa546ac98947b80846469f166baf6ac0b42a85e4470e36690fe87b01b615
SHA5127c1afa5500a2bc5943be57aaa3ea33db2c229d40535cb97897c3f886a4eb3c570d06cf1a5afb1cafb0deea5573f414ce95dba60298042d82ccd936a7c5e678e6