Analysis
-
max time kernel
145s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
22/02/2024, 16:29
General
-
Target
2024-02-22_31d55c8fbfe20bcbf568d2e2e908352b_mafia.exe
-
Size
476KB
-
MD5
31d55c8fbfe20bcbf568d2e2e908352b
-
SHA1
306ec1f6f95dbf7a91c68d4a5ac63b18af42369d
-
SHA256
d918541f1b7efa6e7aedb1de7999e115966ebbff195fa1875c364c3c9f82aaa2
-
SHA512
456477b31d1dee5fa12c24036ca290129352eea2ea5d9e25508780450db5c4f51e6ffd5d89c14acb3dd605fb921840653dce5b4be5e12fc5fb4df984b87c7994
-
SSDEEP
12288:aO4rfItL8HRPOc9qNO0cyt+eVt49YgnP/Yikt+M7K9wlsDpVFd:aO4rQtGRPOc9qNqytn49ZnYis+9wlsDn
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_31d55c8fbfe20bcbf568d2e2e908352b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_31d55c8fbfe20bcbf568d2e2e908352b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\C98A.tmp"C:\Users\Admin\AppData\Local\Temp\C98A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-22_31d55c8fbfe20bcbf568d2e2e908352b_mafia.exe 0EBABB84523FA127B37AE4D8808CF6250B4CE6B940D623EEAEE296351839866B2B93B153A7AE8480ECBD7E988A4398109A6750DA839EF7193DCCF1B44FD6170A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD53da6937ab11d6cdd0238265a054aa1ee
SHA13feaa4590752748ab23927e1b94e6603e969fef2
SHA256012fa791ea357d6b4777319698cc1bd51c24665fa5d53ed12ef54b2a087b4ecf
SHA512166e0e7fd98721dc6a6d610d00dee1f77a380e2cfdaecf3fe4558c1bd94bf7600cf53a9b4e0b8627b3024cf8d8129ae871715930bc2d1cc8df6c86a1faebacad