Analysis
-
max time kernel
141s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
17/02/2024, 22:37
General
-
Target
2024-02-17_3e570b0d1301a1175e903d0de795a547_mafia.exe
-
Size
486KB
-
MD5
3e570b0d1301a1175e903d0de795a547
-
SHA1
95c79be1028459f19bea4ed6d3328b487705edb5
-
SHA256
df57c6f2327492fb6a716008bd8db7e72c79c18f086c754d3c4f40f0f8c3dc48
-
SHA512
684e6a452ee153828dec14646b45ec01e6d229bbf937371fb8b474260951f221330df19640edc08c4699d4d1002ee9b6c5893e5a2dc9dcea0fceae4d156c367c
-
SSDEEP
12288:3O4rfItL8HPcU6Zn4ahJevOMT4tgUSw7rKxUYXhW:3O4rQtGPW+68UtgUSw3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_3e570b0d1301a1175e903d0de795a547_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_3e570b0d1301a1175e903d0de795a547_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\A345.tmp"C:\Users\Admin\AppData\Local\Temp\A345.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-17_3e570b0d1301a1175e903d0de795a547_mafia.exe 7C9E28A30E44BDB993EAFECCFA8B864B3AC55DC8EC32C56860F4EB18F39CBCAB159D16862B61B7848AFC26CE4BEE728770ADFB3616385223BB97FEB3587D2CD22⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD56df5af43c2d85fc6f71f7f0394c41fd8
SHA157a3cdd8308d8be9d62a7cc4b2ba8accf57b565d
SHA2565aca255e2b1770845580a49e34cd1b6ceb459221ab3889504bf0be04fc2e04ad
SHA512d5e8c8df4b56e98d8b9fe8f8e44018ed9640cba8cd73d4df1e119d1b6f2e7f9a0f3b056fb79abceaf661b11d1e7ae4a31433a9bba257682c4b88a77758118889