Analysis
-
max time kernel
148s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
21/02/2024, 16:57
General
-
Target
2024-02-21_a79e3d24436e096d121b146be9eca830_mafia.exe
-
Size
476KB
-
MD5
a79e3d24436e096d121b146be9eca830
-
SHA1
cdcc938264baf8f911dd6dc999ed85bed3447e13
-
SHA256
c85a15dd24286e95b2beac513ca54ea0fd3554f49a1752d04737e33f6b64b13c
-
SHA512
7aee4be60bc232c1bf769d3a59029a9d9c35b17c2cb80c96236e6fa5f39ab9ba27ecde25b3155e77ef0e0bdf7dfb2eee371548ac3f5ee01ff8777fd2b59d4266
-
SSDEEP
12288:aO4rfItL8HRn+RGzhqZB/nqm2lCVdLcODwxQ7K9wlsDpVFd:aO4rQtGR7hqjvqfsLcOs6+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_a79e3d24436e096d121b146be9eca830_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_a79e3d24436e096d121b146be9eca830_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6428.tmp"C:\Users\Admin\AppData\Local\Temp\6428.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_a79e3d24436e096d121b146be9eca830_mafia.exe B5FEF099437001265770C0CFA60BC61F0FF0E0A691FF41C25E9E461DC2F8995B4A4A81605D0F3C37CC825BF45FD6C76F62C3D5F8593DEFA030E4AA7AC9BBA6542⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD588d1a90463d0504a415b4377f5a14f8d
SHA1390294f2144ba2a4042d6affdf9240f3ff90078e
SHA256dd91ac236cf1b80caab3e81a328d5533f0a53a5fcf2c4aab7b63a0ef10dd5901
SHA5123f32edfbba18d5746667ec3ce80f47730fbd3fbf2c6e0aadb68a0ae71d978afd48f892493c8eec9977a2fbaf071aeec7d0d1906400d7502f1e4230a29f073246