Analysis
-
max time kernel
143s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
14/02/2024, 13:55
General
-
Target
2024-02-14_be15984c68a57bc401f334579b0b55e5_mafia.exe
-
Size
486KB
-
MD5
be15984c68a57bc401f334579b0b55e5
-
SHA1
c082e419eb859b3082e07aaa11d6d39132f54bd5
-
SHA256
09d5b1ebe250f5a972b8bc46e7c1dba833b2652750b19c57c38eac06b8c973c2
-
SHA512
f80b796a0d4c58306aead4fafd0a71dae4b7f09469df910d0be53240b9c3e3e85484ab8a761b57cae7c84af89d66bc3f1ccd7d7009d83aabbdb7b4a455ee2e81
-
SSDEEP
12288:3O4rfItL8HP9nDGASIGCBVnDzHT9ShL7rKxUYXhW:3O4rQtGP1yA0CBxHHIx3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-14_be15984c68a57bc401f334579b0b55e5_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-14_be15984c68a57bc401f334579b0b55e5_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6736.tmp"C:\Users\Admin\AppData\Local\Temp\6736.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-14_be15984c68a57bc401f334579b0b55e5_mafia.exe 5BDAF6BB687C1E09B1E27DA45411246A5543B5F8DA2F43548E376116606B5BBBB9874D2F93BFB23BD5895D91C29179EA97B075B15FDCB17D7986532AE551B7672⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD532bfc1aa54c6e7ee7a77cd62f7bb2df7
SHA1dd8cff36221d82932868a7b96b0419e95e95267a
SHA25630659132099fcaf5abd02cf546e160004187eeb65a8a601efdab9a339b90b664
SHA512c0362c5db3e6c835e8ee8f0a5709538f7fe2ac2277141a872346dd581ec71e01984cde4eb9b6379163a19ee98083046dc42478dee47027d559a10cef819bcb3d