Analysis
-
max time kernel
93s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
17/02/2024, 09:36
General
-
Target
2024-02-17_616c444427f261d7f04191d2b19a4e49_mafia.exe
-
Size
486KB
-
MD5
616c444427f261d7f04191d2b19a4e49
-
SHA1
98dd1e50c5bcb795e981a3598fdec2d9240b8ed7
-
SHA256
b74e2987b83199b3e13caf46b826ede85453245ec7cc8eb3bd22944fc7f98df7
-
SHA512
9e541e0d2d6eaf12a705f9cb04dde752e4cbf6597c7739b09aaf553ac0cbc10b0353daec7948441c6b990d5b67c65d2e32b255713e5ac2bd47c1d80a3dbda01a
-
SSDEEP
12288:3O4rfItL8HPYftNVq81b6FF9cQW5Y5FPeX7rKxUYXhW:3O4rQtGPYDbkMYPs3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_616c444427f261d7f04191d2b19a4e49_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_616c444427f261d7f04191d2b19a4e49_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5217.tmp"C:\Users\Admin\AppData\Local\Temp\5217.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-17_616c444427f261d7f04191d2b19a4e49_mafia.exe 0B4683C5A24834DC0AB5699DCE5177B9A34AF330A74E4EE9CCD870352D7BD57A7F48C4312EE07C677EECE8915340DD683172D76F03A75386A76DADBE693C9D902⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD584774b340f1729f1d07aeaf2d65c3d07
SHA15c2867b8f4ca5829ccd6c68829b961100ba4644e
SHA25688ab9b01a7451307600f6ce643c4418dd8c9dde8e78118f7d23b7c80d41881cc
SHA512504ace55e3776f64e57b222facc5980c5495ed90d8a815d998dd69a19621b40fc94fe27f4ef81a5760e03f97f648ac41efef683ecf1c7017737ded24d4c7d2bc