Analysis
-
max time kernel
149s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
22-02-2024 05:41
General
-
Target
2024-02-22_5fff6c3cbd0817de211f3df90cac8df2_mafia.exe
-
Size
414KB
-
MD5
5fff6c3cbd0817de211f3df90cac8df2
-
SHA1
91a1d3535d3482fb9192887d1fa39c27cc043099
-
SHA256
fc8e278e8685465c00dd7d3f815eeb1e3e13932f6ca7b59052bf56074284b6de
-
SHA512
f3042e74d70395ed859d90122a465f5763b27bf5e0f10018c34a23052e427a1ac56253dae8bce76c2afaacb2daf76661f60718c52ae526a80e12783897921beb
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BYo0D8Ht8YdRp0emoV/jSFf/zY0IUoO8frl:Wq4w/ekieZgU6k8HtfpvVWFf/zhTlCl
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_5fff6c3cbd0817de211f3df90cac8df2_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_5fff6c3cbd0817de211f3df90cac8df2_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\45A4.tmp"C:\Users\Admin\AppData\Local\Temp\45A4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-22_5fff6c3cbd0817de211f3df90cac8df2_mafia.exe D4126E3F140357FD87EF801EA2B389413A3DBD513AED8C7F32796927EBF9FE35B8D0FC27A2305C7F5865403F264DE85A16962B2BDD03B782C2F1457ABB49F7B82⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD551cb808e4124fb01b607e33ae48b0d1c
SHA16cb0a3ac18b723d90ac821c40b30a0b4cfb78866
SHA2567aa68ab50f9614779bf405434da77166009ab37f7b6ebce502b428ba391ca465
SHA512ab6e2063a89b6bc7c174b8514d7e978cabf2046515052171fd61fe3766245520fd9bdf7face392b37881839e991b05c7fc59815e102b11f78a1b6da814b0e61a