Analysis
-
max time kernel
143s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
20/02/2024, 15:04
General
-
Target
2024-02-20_ca82b4c71d4500f7c760f15c91cfcc82_mafia.exe
-
Size
435KB
-
MD5
ca82b4c71d4500f7c760f15c91cfcc82
-
SHA1
618d53da3b2464323d4272f774854239ed873eb0
-
SHA256
4443aaaaf3c784c1515d2172f2763c36e031d8e9720f1be49b2cfff4b48b6ab7
-
SHA512
f25d06fbb7f64f9b2ebd6f7b355b950635cd602b8dd3e25adacc4d19e0c65fa6b4d03764b73a559e8bbbe50bf1bc6fa2f97f0d0931b79f2ab3bb63faa581ba2a
-
SSDEEP
6144:fJvyW4ojUnQjx4qePix+qXQjBY8cgpnelfDkQ5sZ4NpwMt/2VpE9Njz/FrIi1w9J:fd4x+ePixnXQjZcwIbVw4OWNlr1wP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-20_ca82b4c71d4500f7c760f15c91cfcc82_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-20_ca82b4c71d4500f7c760f15c91cfcc82_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6AD0.tmp"C:\Users\Admin\AppData\Local\Temp\6AD0.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-20_ca82b4c71d4500f7c760f15c91cfcc82_mafia.exe A08867FD06C2E4B15D914946DCB08C4D690430B7080758EEB1349A90ECC6A747357E427E400681B3067E59C99038734551C6032BE9BFAF022968141C3D8825D72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD54f0d54fa868982d08197fab05eb8ac63
SHA16e11cfc128734f3195346b580af6af009bc1d7d4
SHA256f1d60b204c73c663dc32550de2c5eaf8383fa5e715a7ffe11cf5b1cde76f50c6
SHA51287777b0ca88cb51bc7d7fc32d709a91e9dd38b4e9755e758928374253e13d371258d85a5529c9e973233776471d45c46a525697947195468325921460321d1e4