Analysis
-
max time kernel
143s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
17/02/2024, 13:28
General
-
Target
2024-02-17_3d226f47552fe4759bc880cca9558681_mafia.exe
-
Size
479KB
-
MD5
3d226f47552fe4759bc880cca9558681
-
SHA1
14c2d934c0638a08fda4c13f7953fccc69faba97
-
SHA256
6c95c9b405b27b28ee97566c3c9711d3db456d5751df71bf319e9c52b7db6553
-
SHA512
ea7353b04b703e23b087fee32f679d9d3775599be36e3c31089879d82aacae8abc367f0877bfd9545c195d8e0674c135c19171ac804d3ec4a031a77e2959a509
-
SSDEEP
12288:bO4rfItL8HAOdXd1NHdmt2GmNcU7sCW75UO:bO4rQtGA2XHN9O2GMcyWVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_3d226f47552fe4759bc880cca9558681_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_3d226f47552fe4759bc880cca9558681_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6EA8.tmp"C:\Users\Admin\AppData\Local\Temp\6EA8.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-17_3d226f47552fe4759bc880cca9558681_mafia.exe 2E8924FBB929CDFF22CA5D0EF20C6E64B66DE2AEB8B47CB8EA7FDFCD5355D280231588FB513DFAF462E0BF574455F881B3CC031546BFABB2EEBF0A9E901B995B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD513f26ea4b75de7e208790f47d31dc2cb
SHA1347bed7266e8cd7455a58b6c7871a1caae4ca16b
SHA256fe428e0be81917110c11ababeb373c16d0fbb224d38ea23677c7a5f6f03d5ced
SHA51267a6df03cce482a9d2cc1293bcd68f7bbb030f87e0ce3ca0b3c681eee2e44c17956bc8ef9027f6156eb3fb24c84285197a6ed9fe893a11a35cdf9886c69642a8