Analysis
-
max time kernel
148s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
22-02-2024 10:00
General
-
Target
2024-02-22_b633ebef3dd0c5764a237fb087ca79c5_mafia.exe
-
Size
479KB
-
MD5
b633ebef3dd0c5764a237fb087ca79c5
-
SHA1
d6b319ed74437323980cdda5e37e7eb6a5b8b4ab
-
SHA256
955afdf76ca49716ee71d6e9925fa80233e10d54711927b763f14c779f03a725
-
SHA512
7ba89cd4b2fe08c30b2d9f2013415210a319d5abad490b10aace26da3931af876faebf780a434fde8710d09998a4fca46d02b734e1669da9c4324e766d7f6ff3
-
SSDEEP
12288:bO4rfItL8HAmQbokwnVJzLSNHgmk94Gj2h75UO:bO4rQtGA3wnVtmAb43VUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_b633ebef3dd0c5764a237fb087ca79c5_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_b633ebef3dd0c5764a237fb087ca79c5_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\64C5.tmp"C:\Users\Admin\AppData\Local\Temp\64C5.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-22_b633ebef3dd0c5764a237fb087ca79c5_mafia.exe A3ABC4771F834708364FEA8DBC3F0B966883EB8448EED5F2B8DA035E9A8AE3E950AEE615B1C6C4DF27D72CFAC1420B9DEEDA73A9449FAB95318C0181D7FE396C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5b96659e6b4e877f4a7e308562068aaeb
SHA1b1344bdc892c88fae85680f83b115c98034e0de9
SHA2563abe29f1032143e3b96519abd865cf0237feb0aac9775a14e777a1eb9ad554ca
SHA5128ad4f265efcae6de87717e6084f28069793f1e327f781ec49f392f9756545a4e5e3197bf71f7598494c7ce2c8f143398df2ed80cd28c80e85603d49f94a6cc5a