Analysis
-
max time kernel
90s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
19-02-2024 22:58
General
-
Target
2024-02-19_f2343082f6c0ac03717bada362578d32_mafia.exe
-
Size
444KB
-
MD5
f2343082f6c0ac03717bada362578d32
-
SHA1
b1f030975dd199066a705fc361ed89f765b727ba
-
SHA256
57b93803029d566ab97800d53f50d00942300e2b3df047a6d3bb70c8f091cfd9
-
SHA512
7b6fdae2d7d0706f98a0cd698ea78194ee82d094b921d64dc08711c19b7170f7238bf905840320b444767b742c0bea1845e2e5d9aa00ed0b5fc2db9e05345faa
-
SSDEEP
12288:Nb4bZudi79LqFzQxWVQi76Y9btnL4rKuA:Nb4bcdkLqFSWVQUbJt
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_f2343082f6c0ac03717bada362578d32_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_f2343082f6c0ac03717bada362578d32_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\45A4.tmp"C:\Users\Admin\AppData\Local\Temp\45A4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-19_f2343082f6c0ac03717bada362578d32_mafia.exe 1431AD189C287304A44C44C037129478BC76C84326BAFDB1F8683B1F0245157F1605CDEB842823509DF016CA5E1CD4E6DC697E8147F63A731B633E9B50D11B482⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD59ab0a8c9544b7d622fda914a94a73b7c
SHA14dd5d147d6810cc1ca9995392ec2320ffb54887b
SHA25603fc0f61408f119b7e669eb1e6e40a9f2f7f97114ae373dfb3b1a9792428e229
SHA5126f450b5df03306b0a7caf9be3f34614c7421ae3f86a45c105116c8e7ac46c778f16bf0a0a3adc10ec732440cae10aa87768d8892bd01064247a31ed3d12071a8