Analysis
-
max time kernel
93s -
max time network
115s -
platform
windows10-2004_x64 -
resource
win10v2004-20240220-en -
resource tags
-
submitted
21-02-2024 14:13
General
-
Target
2024-02-21_debbf50417f59cfb2d27ea8d83b75573_mafia.exe
-
Size
433KB
-
MD5
debbf50417f59cfb2d27ea8d83b75573
-
SHA1
bd3f4f4355fdbd63926d19576b6ba5d2521b8735
-
SHA256
115565d2134739d07fe0b064d7a56e19068adc805bf38a0ff310cdb999ef501f
-
SHA512
060a0d757626327cf22b76f7bce24e8da9d4e5ebb7617775b63788033e776e8f7c017f302fab75fa36f4761cc96a782e3d4b915c036a787ef06b61a64ad82a0d
-
SSDEEP
12288:Ci4g+yU+0pAiv+K8W441I809+a41i293YoHVc4v+n:Ci4gXn0pD+KEZ80m1l93VHVr2
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_debbf50417f59cfb2d27ea8d83b75573_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_debbf50417f59cfb2d27ea8d83b75573_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3652.tmp"C:\Users\Admin\AppData\Local\Temp\3652.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_debbf50417f59cfb2d27ea8d83b75573_mafia.exe 0D034B32E812E01918953C604454F5283F5D22312EA746B59BED656A3DE111E880719732EDC349238FFCF04800154C463F3FD8D07D68ADEB50C629F4C2373ADB2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5a133e750803b578773ce1c75c5b461a9
SHA191a69df90a7f54810fb9b0609dfcbe2f01e9be2b
SHA2563322d59f1e3d4a20236095c25bdd0cff03a257f5d52ec84dfaa7fe89b2024d3d
SHA5120e11586f3b330fcb865f267341a8a25b309a2c7ce1f74f36d791cb6b187d6a21d42dec71a0ddd666c5d92e9ebdb6769b7a14e3431e8922779a06491df218c799