Analysis
-
max time kernel
141s -
max time network
145s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
17/02/2024, 14:32
General
-
Target
2024-02-17_bd8cf657272123dc041ebddd98b52f33_mafia.exe
-
Size
433KB
-
MD5
bd8cf657272123dc041ebddd98b52f33
-
SHA1
621970e2cd5b63f1dbf37a489a85a1620cdcfcf2
-
SHA256
241b3dd36d981455f0083297ca8e58c00104f5c39ae266d86abe39a91413b5e7
-
SHA512
2fd7a4e00866b91d3622ef5ca7c006161503999be2470f8187f38ff650dfe754d151c759bd534222999bba549187232a53838a97ae8f7f8f5f89ce1018b6e6d1
-
SSDEEP
12288:Ci4g+yU+0pAiv+QAzZM8eNrQPdmfxBcxO8qEn:Ci4gXn0pD+RZMxNrqdmX6O8qE
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_bd8cf657272123dc041ebddd98b52f33_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_bd8cf657272123dc041ebddd98b52f33_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\A46E.tmp"C:\Users\Admin\AppData\Local\Temp\A46E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-17_bd8cf657272123dc041ebddd98b52f33_mafia.exe 9EBF7AA6D09117778AC31C759BAAB1FFEC9D3756BE972B18126356A41E1C3515BB757EA9370DDBF70A06AAF4BC048D3FA6F181523460B129CE4E0D25FB1418CE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD55fced1367922de79fc74fe0cdba4c5eb
SHA12f4715062c7ba0748f9b5ad9eee6f666a8f83da3
SHA2569a3acb58adc7b9ba23bb5275a52f7ab73e97c3659297ef87225698b5051d335e
SHA512f2c41365fe58c1c1de1403fa8759cacae6b1a1e22b4580583fa0ae34380a5cd223e0ac979032dfec700da8f9b080757bf7027870cc4af4ff0a448705bb3fa0d4