Analysis
-
max time kernel
92s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
21-02-2024 17:25
General
-
Target
2024-02-21_19ca004c802db8b9e1b9274f60cf7b7f_mafia.exe
-
Size
486KB
-
MD5
19ca004c802db8b9e1b9274f60cf7b7f
-
SHA1
d0da7b5dc7a0f19b479cf0f145bfb6a5b2d81f41
-
SHA256
2d2f12737210ef746166636fa58e9ddc22ea2e6a9cf4064c97c9bb4038169b72
-
SHA512
9e460f4f70325431d1409df72c27a9cc9b4ab6afb99e47e230a5c5ff6e8eeb206bc037458738bcd88806371a7b04fa7a2cac97e634150e21429887f9805d7ef3
-
SSDEEP
12288:3O4rfItL8HPJduULqb0wvOOwRDcL1fAzD9W67rKxUYXhW:3O4rQtGPKUub0gt2uX63KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_19ca004c802db8b9e1b9274f60cf7b7f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_19ca004c802db8b9e1b9274f60cf7b7f_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3354.tmp"C:\Users\Admin\AppData\Local\Temp\3354.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_19ca004c802db8b9e1b9274f60cf7b7f_mafia.exe FB489D01D7BF64A8632C578D02D7C845D1103B3CEC7F24E762AC7FDEE9775542B106E90FF6522A435E496444EB2B1A979D2392EEC36064AC15F441D42EF30D6B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5df9738a113ab25c2f40cd88297484ded
SHA13f136c63651fcb60b32c17e465efdb825ef88bb5
SHA2560f6e7386305df9feb8fb8fc4caeb5e7bd49db0f09484aa0f51389c6bd7277b5c
SHA512b499a413075eb8bff0963e0eedb9921cbb322f4d0bbe01ecb29c6a8a56637e54e57dd78c1bd8f8898f4b4324ab38c7f7f3315547133c11591419cdc7bc3805dd