Analysis
-
max time kernel
150s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
21-02-2024 14:06
General
-
Target
2024-02-21_c61e0122efcd8adb6b11c1d7632e929c_mafia.exe
-
Size
444KB
-
MD5
c61e0122efcd8adb6b11c1d7632e929c
-
SHA1
ed03e8985e847b108d946fce72201661df69e746
-
SHA256
5208ce1a8bcfffd25043253e8c86fa7671662379a4b524159205e9d0f92fdf64
-
SHA512
978269fa80c6afa61242d02ae76cd3746510a522f8472476185c2c124871953f79355c71d4ab746a43a3ee483363a4e69f38df338a26752982eb74cf923c1d82
-
SSDEEP
12288:Nb4bZudi79L7ptpS9AFLkiglgBLDRnBwvrqAeZA:Nb4bcdkL7TMkwiieNBwv
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_c61e0122efcd8adb6b11c1d7632e929c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_c61e0122efcd8adb6b11c1d7632e929c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\38C3.tmp"C:\Users\Admin\AppData\Local\Temp\38C3.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_c61e0122efcd8adb6b11c1d7632e929c_mafia.exe 80B6BDA2D9E92A523800F575AFBBC2CDB4FDB396D4B50D63C18585CB63174E4C0C9B09A2A05F5A5800CF5ACD5E01B6E8A0D9101FBDCDA61412B7FD88FCEF01B72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD573c1f4b139e6b84ab14458b7d152e8fe
SHA1d1442a6fc304da19331045c11e5ddc6fa4875241
SHA25660a709f8b953ed5a9a788a6429931681963f3eeb86bb4ad7ef5f32a28bed66df
SHA5124ac7b7f65390dbf8944e6a923e405ac5185479d5834350947ee3c0c639efbb32b10b7a2c50d7ad8dec3b8d846bc8b63632e7d441ece70043620ac4fea353c08f