Analysis
-
max time kernel
92s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
21/02/2024, 20:42
General
-
Target
2024-02-21_8da72ce745773618ab242fcf1f14af69_mafia.exe
-
Size
435KB
-
MD5
8da72ce745773618ab242fcf1f14af69
-
SHA1
28371ca81503f6f7096920dd6fe1771368b8d1ef
-
SHA256
d1237bd23eaa94974a3f501f102d4847070818790f3ef13e6578b40d63ebe30a
-
SHA512
467febb2597a9e5bed2aab83c8577da508a195ef6302d15f29ef60bc62700f5c6feef204b7c166604493a0b51dd3d4b9c242e22940142d7d365b78b2e9bb1512
-
SSDEEP
12288:ts4acekuGg/ttDjxRnFN8Y6suidooiOgX:ts4aceku/thjxpFN8Ya
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_8da72ce745773618ab242fcf1f14af69_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_8da72ce745773618ab242fcf1f14af69_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5A74.tmp"C:\Users\Admin\AppData\Local\Temp\5A74.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_8da72ce745773618ab242fcf1f14af69_mafia.exe E6636D4C71426CD49CE862566EB7C83AF2E692A37362179CA61561DB659255B9B10915111F8B76B59EBB0C790BC163DD9464EA184688BFDD9D1490BB8765BC8B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD5b472a39eba2065cae728dbf743971c01
SHA1a93394cc6b8f0ec5db29a9648260da18d80fb5fc
SHA256d91e4b80b50cc4f07b22a395e648c6967c9cf05cc6b5da1b2646d02ffcd70a45
SHA5129fb5930e396fc1b83d09c6ba1d065b3637f3c0e5f00e9e126fcfc733b0e7ab8715da368a5a5d63e5e88345a197f33ba43830ee7ab8618bc822633783f79238fd