Analysis
-
max time kernel
150s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
21/02/2024, 17:00
General
-
Target
2024-02-21_b65b90adbb8f9f4e60c6794a2827a7b7_mafia.exe
-
Size
479KB
-
MD5
b65b90adbb8f9f4e60c6794a2827a7b7
-
SHA1
db95befb70a53fb62a18b44e171906a82c005b72
-
SHA256
05be3d9d299ca2da3f3ec3544ca535212dab5359360a229d4b294d22c1c0073b
-
SHA512
1c7ccfc9063514c171f636618bd00c194fac5d7d531a753d56da4196d6110273a29f3dccdf9f15e3fe3e15f4cdc47ac4ec0286c2d36e451b90c3e1eb509d5dd4
-
SSDEEP
12288:bO4rfItL8HAHNJWpNjCVpxL5kQYbveIIAhynoAZe+75UO:bO4rQtGAtJWpNgnJSveIJgTVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_b65b90adbb8f9f4e60c6794a2827a7b7_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_b65b90adbb8f9f4e60c6794a2827a7b7_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\40E1.tmp"C:\Users\Admin\AppData\Local\Temp\40E1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_b65b90adbb8f9f4e60c6794a2827a7b7_mafia.exe 824A003EE86935C5C54B76CD15317E03399CA983CECDF175536DE01B0D70588E17931B76B49D6F7618087241D22CCC6399CF967C0750B89CC341D86419E3DDBA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5d3202d8033e43e1095d0db1ed2d4b670
SHA1f383ee4243ae673a3e65166f6ee9aba0e41ad861
SHA256eb1ad56f57808073f8e69d9654aed83090cf5e815b2c3513679c247f4d508366
SHA512582c12046942022ff6d8a934f4c81320b30ce298acf8ea902f321c81c3de2db4a50bd4030e7c162f1eea36734d23a5525c3c289fb2744f405efed8c3ca52c51a