Analysis
-
max time kernel
144s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
20/02/2024, 06:57
General
-
Target
2024-02-20_cdc21c326b58655017b8abc68165bd53_mafia.exe
-
Size
435KB
-
MD5
cdc21c326b58655017b8abc68165bd53
-
SHA1
d94fb522229e31489033ec43e9f835ff9d106945
-
SHA256
ab66c99cb322b44ab8463d97cbb9e3610bffb9e4a79de5eb22904c99b1de135d
-
SHA512
8ad8f97db8f58bf7a32f9188326ef93478ddc93480cd256d246359777433bf510558e14e150fa86922f0b130c674bc9d8fbff00fe6439afcb2fbb4be9787174e
-
SSDEEP
6144:fJvyW4ojUnQjx4qePix+qXQjBYmnjaMVUvpJlP/o8nq9rCDoCH/x/3vw9J:fd4x+ePixnXQjt1WvzlQrf0J/fwP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-20_cdc21c326b58655017b8abc68165bd53_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-20_cdc21c326b58655017b8abc68165bd53_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\72BF.tmp"C:\Users\Admin\AppData\Local\Temp\72BF.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-20_cdc21c326b58655017b8abc68165bd53_mafia.exe 5B2638E2B693F6B04380E0A8BABCBF91C52D049CB7142922C3B7AB039BC6D177ABCBEEA5D85ABAAFEABB1F5021851443CEAE3559C79FD0C145E3FE23BAEEE50A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD50ef5de0a4686b68bce6b249bb6beedde
SHA1bdddc4fb30fe1f1293be41fe62cb32ddd3e395d4
SHA256634d3a34c18d9665ffee89540532f6831da8265dd979359cad67fdc4f9b08055
SHA51235883a50ee5f52ffafa7c2b689d9038a11bce14a314420e64dbd9c5e6454710b1ad1c8c673c2ef3bdd77b26417703194cac9ad2edad34831d1a9ce830171a3ba