Analysis
-
max time kernel
94s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240220-en -
resource tags
-
submitted
20/02/2024, 21:41
General
-
Target
2024-02-20_0923bef6c37f22b4f7c1219df26e0bec_mafia.exe
-
Size
444KB
-
MD5
0923bef6c37f22b4f7c1219df26e0bec
-
SHA1
ef80cc8fbbf451e8e220cae8c05e0d2dc8b536e3
-
SHA256
92198114a5282ffd21863dc37896b4bd47312bda8f9e572a1d3de5af278507fe
-
SHA512
409229aed154054b80a0290d6b15a2bc0eb950036b6d48990fafc0ccb90a8b7e4f7109e5d9329b8d71180baacb5b2582c21850d2ed2f17fc025b3b555f8e403c
-
SSDEEP
12288:Nb4bZudi79LrkjIvj+2jRJHbHs+U9pF8cgyDqA:Nb4bcdkLwl2jRJ7HlU9
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-20_0923bef6c37f22b4f7c1219df26e0bec_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-20_0923bef6c37f22b4f7c1219df26e0bec_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2FDA.tmp"C:\Users\Admin\AppData\Local\Temp\2FDA.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-20_0923bef6c37f22b4f7c1219df26e0bec_mafia.exe 3491752FB10E815E34BCF80F99D2026244BA75B81FE8EE85918FF44F6195762972A990BF80D13C1B4F4A2EF2D1FF7C6E26B79F6DEEF33768303955CD32E87FFD2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD57c1ba4eafcb3c1a722db04ca8e291637
SHA1e29837cf0af4c1c08f80b6fb218c90dc86bf8305
SHA2560600ed045c329ed45b81cdef1681bb78f1d2f8ecf56ce6f1a4f4d261794b2010
SHA512f2de9d200b3f2fa18af9374901d780090cd465a67ffb1741255bdbbd86abee35a85dfa06a2ab5c899e95408e4ccf7117da319160217f4c6f3eda68be7bb2a8f0