Analysis
-
max time kernel
94s -
max time network
122s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
22/02/2024, 16:38
General
-
Target
2024-02-22_a9d34230020ed101d3f11390174dc476_mafia.exe
-
Size
479KB
-
MD5
a9d34230020ed101d3f11390174dc476
-
SHA1
d07a3159b9732c66848fc87ecfd7b61f6d764f9f
-
SHA256
338cb35cc4dadcb8f588a8877c203fda4c16917d7381dd1bd6c5629dfa28f29e
-
SHA512
2829e58a282fdd2501c3bfec665b3fb3cb2d6df800264a8a4b2401b4ab040c56f7af4c75f84b57321522eed3c656199218d1d461611f9e6fed272786b909e4e3
-
SSDEEP
12288:bO4rfItL8HA+xkvKmsujBsRyogs8iGa+j82Bz75UO:bO4rQtGAqKbjSR5jGFQ2FVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_a9d34230020ed101d3f11390174dc476_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_a9d34230020ed101d3f11390174dc476_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2AB9.tmp"C:\Users\Admin\AppData\Local\Temp\2AB9.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-22_a9d34230020ed101d3f11390174dc476_mafia.exe 6E3DD2AAFC531054E7FB2A0670BD221723B8473CFEC4CF7013B0D113B9E2D34EAEF6B77A6000A3E45EC944C73F24FCBAA76823B4F7E3FE63EFC585318DA330EE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5f3ef91bb35e6f980b9596c6742988941
SHA1165ebcb8d1655756f01bdb495d2504687e1626ab
SHA25636da283105a823846460bf38f66d4a5abdd90b40547b34e26ba064b375ba21a6
SHA51274cc2a66af0835a62eaf579ff1654f760017c51991a4ff82195870b93ddebb1ef5e46ccba038aea329f1d668910d6ef2316599242b8ca555b6274ad7f15469e4