Analysis
-
max time kernel
94s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
21/02/2024, 14:11
General
-
Target
2024-02-21_da62bd64b6e3c199c150f7cb6bb42d3a_mafia.exe
-
Size
444KB
-
MD5
da62bd64b6e3c199c150f7cb6bb42d3a
-
SHA1
1c91486bfb0a39e0d09591d4de1a5acfcf9e42f4
-
SHA256
ad5d360f31ae3eac2973e4303da47fa1cea4e4f119a5061fe4896cb9f9a3d23f
-
SHA512
904b1089ceb0421032f6d6e48513b2f3a949efa0f37f59e6455d75d71bd9ca90a64f6a1980c8491b1c60eca0eac2b395c5dc01b3f2b5fb9d6c4ce2ec40646063
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStoHXGAn3t5vJcynXgqH6P7ZOcoywV8q+sU8w:Nb4bZudi79LBHXGAn3xhXgZ7Y5byvKA
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_da62bd64b6e3c199c150f7cb6bb42d3a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_da62bd64b6e3c199c150f7cb6bb42d3a_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\515C.tmp"C:\Users\Admin\AppData\Local\Temp\515C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_da62bd64b6e3c199c150f7cb6bb42d3a_mafia.exe A2A26454971FA12E202A80A267414E41EF836FDE300E786AE84B5577C98FE68C9A49F0DE130DDD85C26EDE863781358F20FA94D6392B468DDCE987399F263A612⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD548726309fae29292f46b5b7ff01db908
SHA1d4970bf1c1447bf006b6052a13b1141b7836c311
SHA25664985d90bb4857daa94bc22246303e5ee2c7e733e12461469fb41c3aa0a79e59
SHA5128215966e0fa6103b0f6ba7b60a3175e689a1ec0b5a4da55840caa41e4ec3c99f8ca40d17769d767738d5c042ffe0ae5db99a468fb680e40b5dbc63f7c06f49cd