Analysis
-
max time kernel
112s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
17-02-2024 15:31
General
-
Target
2024-02-17_8347048b44d03fbf8b8cf77923d25883_mafia.exe
-
Size
479KB
-
MD5
8347048b44d03fbf8b8cf77923d25883
-
SHA1
6c5f05345bee228f443734a5216224b4a2b552f0
-
SHA256
35c3e428a363f4648b556834bfdd9fea477a48e85ffba31c2fc1b11c84ea8cb9
-
SHA512
0a56a3418899a95476ee27f8effebabc4ad52a4c61e13ed66e57dbe07660ac4912a15c7b2c2fff99e5d13b563358a7adc545a8a2a13219a7fdb75c0da20abcaf
-
SSDEEP
12288:bO4rfItL8HAch85vG+8d6SUPczJw599YdTY/bRy75UO:bO4rQtGAchie+8dnUEg9x/bsVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_8347048b44d03fbf8b8cf77923d25883_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_8347048b44d03fbf8b8cf77923d25883_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\65AF.tmp"C:\Users\Admin\AppData\Local\Temp\65AF.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-17_8347048b44d03fbf8b8cf77923d25883_mafia.exe B213556FD46730A2AD9ED0CD0135AAD2878452D4C5B3822D232EA5F3E77C2B277FC35647567A7EB4533F902280F1317E639612E0180EEEB5DF50B97A220976B42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD57af3451fdfe656c50f83e342f6006b8e
SHA1512547cf5ec3103c1e583f2b77d80aea22c851c2
SHA256a05d4abee6e37428a6719c255b6dad7d4f824ce318499d7ceaa645db3d7ac86f
SHA512ff0f639d887db801e872201d230c94e6a57d0eadf4c0ef0eb841dac5ff87717732677c8480cbc66df269768657469ae1ff30cea57df14ee8dd443584fb0c7525