Analysis
-
max time kernel
91s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
21/02/2024, 11:41
General
-
Target
2024-02-21_a2481b972ee3aa3b07812aceda7537fc_mafia.exe
-
Size
476KB
-
MD5
a2481b972ee3aa3b07812aceda7537fc
-
SHA1
8a9ee3a5723814cfb6e2b1ccd88e55b31cb04d92
-
SHA256
6f6c4897b50a480e3ff46800ceb0b5c25cb377faa63a7975705c2af42f5c134e
-
SHA512
4d12af580290b4b470375c204ad231831b5d45588d9be53453ccf4fa39d1368b613459dc9b51a339d57e929ce8fbc7c2769082032816fb05b652d05f836a6562
-
SSDEEP
12288:aO4rfItL8HRxQETWFd1+0YeH6Fe4U7K9wlsDpVFd:aO4rQtGROyWL1mFe4U+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_a2481b972ee3aa3b07812aceda7537fc_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_a2481b972ee3aa3b07812aceda7537fc_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4035.tmp"C:\Users\Admin\AppData\Local\Temp\4035.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_a2481b972ee3aa3b07812aceda7537fc_mafia.exe DDC299936614CF94918054C0C8DA4675C089F8522E40A1723DFF27AFD951FDEF90F9C28AC3BEDC6C0BBE64CEECD2E21B5D0539DF31D2EB9FE3AEB659EEBF93942⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD51610de83a3d8655ad501641bd04caaa3
SHA199acc27a1b67174e068576fd47e7a69e22ad3c62
SHA2560e94941f3cfbb236861f2838a0f1c5ca1ae9a27dd8dc1f61d2d08e8d17c8579a
SHA51239e82b66960547428a64e846dd81d549e0bfbf92fa89789b596fa2b5cc8e8d6989ece6b38ad5a56930db76d6c6642fdcecf4c4410622cc2a7f5acf31cdb42d24