Analysis
-
max time kernel
141s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
13-02-2024 20:29
General
-
Target
2024-02-13_57de285548203ccc7caea48f651343a9_mafia.exe
-
Size
468KB
-
MD5
57de285548203ccc7caea48f651343a9
-
SHA1
2b4f05a2977aa2edeccfc818e5123a702db468a3
-
SHA256
779adb871695c4a3ef35a7e6e03ec1e750b34b8e8018cded2d175f0f457deff2
-
SHA512
fc9d47c5cd9acfe509e1d9b5718c5ca65c336b463033dacac192da0ad1a057aadd1826644fb0176cf09b8791fd600a2eefe2d2da327a1c881bea2f9bb0b07b63
-
SSDEEP
12288:qO4rfItL8HGwKlR09ctahHan93bCXBeL7bWmeEVGL:qO4rQtGG89cUMR+R6umeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-13_57de285548203ccc7caea48f651343a9_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-13_57de285548203ccc7caea48f651343a9_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\74E2.tmp"C:\Users\Admin\AppData\Local\Temp\74E2.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-13_57de285548203ccc7caea48f651343a9_mafia.exe EB91C29DCC8157B55603915AA82034330DB7F9A8A31B8EE01D9AC50ED84DBBFC8E60AE4CF36BECC17970377FE9880F44EEAD6A7501F13253A0C3982CB4F2E17B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD54b86b0f4b88b38a6a85670164599801d
SHA19fe919f580b457fafb9b9493586dcad3f69efaaa
SHA2563f01a7638916e61abe7f0b6be4b432ee79c9c1bd04c1e640b7b54d275d2a8008
SHA512020f7743b2d264bc4692cbb2d3739b2399f5be2ca14cdc4f00ad4e7668c2bcde3a60c0611d934c8a5c7d276bd45c6161934c84ffb78afbb9d0947e3c36c6d40d