Analysis
-
max time kernel
90s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
13-02-2024 08:45
General
-
Target
2024-02-13_acc8ca81af2d518cfa7d58951aa04c7c_mafia.exe
-
Size
468KB
-
MD5
acc8ca81af2d518cfa7d58951aa04c7c
-
SHA1
0c2a247100494fdf3a495c2852bde9759908d80c
-
SHA256
f2c91b2d4c8c19c7be9a21a643a1fa93d6addfc93a6a49afce7425a8ef711714
-
SHA512
29ceedf81ee7541eaa01dcf743f2b5408a6320cef0a6ae063db8377eff3cb4ecc4696f35df9088a1897e06e152fd64383659b650143cee1db3405817c016c356
-
SSDEEP
12288:qO4rfItL8HGMwsVD5Uq4RrWCF61rRTaN7bWmeEVGL:qO4rQtGG9sbUphYuumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-13_acc8ca81af2d518cfa7d58951aa04c7c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-13_acc8ca81af2d518cfa7d58951aa04c7c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4594.tmp"C:\Users\Admin\AppData\Local\Temp\4594.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-13_acc8ca81af2d518cfa7d58951aa04c7c_mafia.exe EE65BB9E6EB2167534FCFA8A86F3C02BF6503BF8C14297C99899B070A8ACF0EFC4EA7F7199BD38891B6B2E4822D5C73EC5F2F3C98C5F1E16896F3143BB1B49B62⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD5ec31d7e79ce02506791a5795eb8fc91f
SHA19b0d8fdc5bd7494ece2a1ee84d121665c62445c6
SHA256f2cc29fa94524c014c2fae4bef28e3cbab2b2514dc899558d196112cc72a237a
SHA5123759dd356619436becb8fe44a4a067dde6800971e70d791415261211756ab702d7feab9a55a9e70993be865fece849b8d70d98b90337aff31083d8d046cda063