Analysis
-
max time kernel
142s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
20-02-2024 14:39
General
-
Target
2024-02-20_65f9cc708e6075aee9c3d9e5e74f48cd_mafia.exe
-
Size
468KB
-
MD5
65f9cc708e6075aee9c3d9e5e74f48cd
-
SHA1
1ec19d73e96478d43f5d9e0a2dddcef90b5784ed
-
SHA256
8cd8e342aa744db2264a69d831cc097008dd50ecc09814d2f396d6e1d584bb21
-
SHA512
5494a8d20d20a6072df5aeec97395b3a1ab40ab46e4743a373d8b154060f79b608fda3b11fd90e2d118cc0cbbcf357eb4762def1fae52ced716e935925675230
-
SSDEEP
12288:qO4rfItL8HGK2TR3kDAiAnLYC9pL4dIP9H/k7bWmeEVGL:qO4rQtGG3hkUiAnLrL4dIFH/kumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-20_65f9cc708e6075aee9c3d9e5e74f48cd_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-20_65f9cc708e6075aee9c3d9e5e74f48cd_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8453.tmp"C:\Users\Admin\AppData\Local\Temp\8453.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-20_65f9cc708e6075aee9c3d9e5e74f48cd_mafia.exe 2232CFA49E4E83387F936B31D939E24E0E807326D619ED306B4F18CD6019F4DA6DDB7CC7DD864A6026C7876B4160C284BEF63215327E274B8AB387707E7833AD2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD5b4251379a2f92b232939b26618f0a598
SHA12b44aee460fe3f44d063d0feda819424a5183776
SHA25695c6c8f389a9aefa16579560ea19286049e10c4619e62e377ed1a2676a7cb068
SHA5126522ef8a4ea9fcdfb328fbc8bd72731f8e912f6ce9773c415e8b17e0edcf97da557a0d4e0d3429f22715b8c41a1da79a085177a59f754273c60276b69079210e