Analysis
-
max time kernel
93s -
max time network
122s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
13-02-2024 06:10
General
-
Target
2024-02-13_9d0af5f73e80d5fd0499b4e197c98ca8_mafia.exe
-
Size
479KB
-
MD5
9d0af5f73e80d5fd0499b4e197c98ca8
-
SHA1
74fccd4a9eab794a190ecbcc794f9f0064505b64
-
SHA256
70d6027441049a5b52b11ac8821876a1a40a4550d1f77271bd178e65d30c845c
-
SHA512
300ca754e061f0ca7979a50ea553e37293589350a4570c5e8d6441f151b1da6e1cf5d61145865761287513621b9b82dd6fdb05c4fb09aee865152e6f7ace4dff
-
SSDEEP
12288:bO4rfItL8HA9AShg0mwntYxDQm5T72fZnGt75UO:bO4rQtGA6Sh7ix0U/GZniVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-13_9d0af5f73e80d5fd0499b4e197c98ca8_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-13_9d0af5f73e80d5fd0499b4e197c98ca8_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\46AE.tmp"C:\Users\Admin\AppData\Local\Temp\46AE.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-13_9d0af5f73e80d5fd0499b4e197c98ca8_mafia.exe 8A07D355C6FBC4E139B55775373AA4CC190828AC3D32CC5F2FDD19C7B700656FBC7216422369400E530716AAFCC545F51658A0DCCAAACA90771E7F0D841F31122⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5f27fcc67d0e969a97a7385c9adec82d6
SHA1e1d05d66f918ba7d52d222675d8328044c28e0d6
SHA25624494da524a89a025279bd2dee39ceeb369a4a719bffde5aff2f27ad56bbd647
SHA512e1eecb603172cf1478bffd958b481620dc102592000bd113ac083e4fb2ee0c940557d16e7d801bede5eec647b4f936cdaea64d14e9aeff56e4ac55f8e9e336b6