Analysis
-
max time kernel
143s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
19-02-2024 20:41
General
-
Target
2024-02-19_b84247a3165951223cf3f709f186c256_mafia.exe
-
Size
444KB
-
MD5
b84247a3165951223cf3f709f186c256
-
SHA1
58d6005db8a8fd25b2b27fd294efdaa7b6a19b0f
-
SHA256
f4ce6ba6e3f5b0ae4767f507f67e764650525d96456c1bd9761e15c42ac09b30
-
SHA512
ea413b1844ca0eda6cbc7ea7be51c1f49f3106b448730ba090fc2a2ef5e625d1aa10f902d2ab44c2041155bf258e9917e8d40f2774c290153276cca951476145
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStPVbpVUf6GFjifO6pOzQYDR0Z9kFKEfNmkM6:Nb4bZudi79LqnKifb4znEXINmYj+A
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_b84247a3165951223cf3f709f186c256_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_b84247a3165951223cf3f709f186c256_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\638C.tmp"C:\Users\Admin\AppData\Local\Temp\638C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-19_b84247a3165951223cf3f709f186c256_mafia.exe B07D998520082D3B210EE1CF7AD4A745B13A9FC1BDDFCC3DEBFAA403471C827EF259DFEF7584BB236DB44FE449D8166FB177D5853F239782A8277C2BC987654B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD587c2070dfa0c1c316d2c7db3f39b433c
SHA118e509868d6b814f8d38d8787aca84703cc4601c
SHA2563a4a1a499779ffd31c34576246c0c3dfe3695d9b5110123365a8bb0ba6af4087
SHA51238c58df50ffe23c51fe1c905cd5e3661427b1da6a09b39f1c55378eb9f1361c6c0a4d73d3e704c7f899047e0d48ff07610d1457da7e2a7348a4191f9d9f0300a