Analysis
-
max time kernel
90s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
19-02-2024 23:30
General
-
Target
2024-02-19_65f287aa6a2434bb120a0ad2b1c842f8_mafia.exe
-
Size
443KB
-
MD5
65f287aa6a2434bb120a0ad2b1c842f8
-
SHA1
65d9c0fbab829d3f1019e82f40301f138ef90e17
-
SHA256
ec6bf9cabc0a0079e57b0b6e68a0414425f463de58bc45d1640f237c6fb7c587
-
SHA512
8eed7bf94b52b5988c517bcab6c6fded0a391b0ab266bae8950bb5a64ccf373737a3f857cd47ffbe2a968e815fe46d4183db35ba18ca8961b5e05a71a7e9daef
-
SSDEEP
12288:Wq4w/ekieZgU620b8FyDiCzxXo4rhLydjwlMa:Wq4w/ekieH6B8FyOChPhOdMP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_65f287aa6a2434bb120a0ad2b1c842f8_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_65f287aa6a2434bb120a0ad2b1c842f8_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4788.tmp"C:\Users\Admin\AppData\Local\Temp\4788.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-19_65f287aa6a2434bb120a0ad2b1c842f8_mafia.exe 65A59FC01C2FCE7B4B824AD79DDF60D2A3BFBDAED997B54EBAA851BFAD9C2901509C732DD35EB7E3210D8D28F6FBF8474891C6C793C25DFCBE3CE3E5E424DA0D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD5000854e3ba40b31c9a34060cfaec8366
SHA1a878973d918d5c356fdd9d8a471ded4f3022329e
SHA256b9146d6cc2f83a3ab994aeb84f83b8ecaf8243181b3328273e25d7bf19a3501b
SHA5121e2679d0da219a5ba42ccc3060d4f839c2da398fe3e91f183c0c09c3593fa1b48539afa343a23faf5e56d242b7cf0588ba8fa83e6fadd8e390aedf9b6d78e8d1