Analysis
-
max time kernel
92s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
17/02/2024, 12:49
General
-
Target
2024-02-17_9d1bc3f0f70061fad21dfb805dd40196_mafia.exe
-
Size
486KB
-
MD5
9d1bc3f0f70061fad21dfb805dd40196
-
SHA1
6897b78869c41cb8b8e2c7d71a755444ad936ce8
-
SHA256
1cc744b533b9d429d3439fb9f322d81f3a9677122a7d35bc5c97f94dda2a7701
-
SHA512
b37171946149ce95055144a02415abd9940ab6fda37f88d4aa2019471ef5682b29ca7069c97f44750686cd6fc4538b5d0626170dc5bf2c9025a8afbc52c285e1
-
SSDEEP
12288:3O4rfItL8HPT8j/lseEcEdyA8eOJiQvVCYrK0R7rKxUYXhW:3O4rQtGPT8rloHeRXVCf0R3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_9d1bc3f0f70061fad21dfb805dd40196_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_9d1bc3f0f70061fad21dfb805dd40196_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\45B4.tmp"C:\Users\Admin\AppData\Local\Temp\45B4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-17_9d1bc3f0f70061fad21dfb805dd40196_mafia.exe 474A0768BB8532E41087D372DB1021DCB092641B290C633F068D8CF8DFA70262D43F21EEDB8271EF21F7235A9D629C9033B83A5B07A4EA9C0711ECA8C82121B12⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5a017a8eaca4d900a599a733fe79b3b3e
SHA127dee7a2a75140f2eebdf80a1c55789bfa887744
SHA256ce717a11845a5235820b4c7ae3adeb051a074b6913b38eae6d0bd7f46b71d041
SHA512ab7a5139ab0b140b7f1c9391cc22b1709c4b4d93c07ee3012380f84c712b2faed09e251645cea2f6a3d6276cdbfefabe1c3d44e9ca9bde3499746dafced76517