Analysis
-
max time kernel
147s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
23-02-2024 04:41
General
-
Target
2024-02-23_55dbeacea344b92beb781b2edeb0ce98_mafia.exe
-
Size
476KB
-
MD5
55dbeacea344b92beb781b2edeb0ce98
-
SHA1
a5aade4898bdb4691c2295575876832e1681b81e
-
SHA256
568c5f6cab4a229be77f86b8f7707d7abf09ee285210f570bb06443c9f27c0d9
-
SHA512
1ab33ebca6d3c54413877b222586086af20eab4b351d430db348287135f35917b03030bfc3e065b96e0f8a93bf32415093c6b505ddf0b64b7d972b4ed1babf23
-
SSDEEP
12288:aO4rfItL8HRIdWGvhADVclXe+sqcOwVp7K9wlsDpVFd:aO4rQtGRAODulXeh5Vp+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_55dbeacea344b92beb781b2edeb0ce98_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_55dbeacea344b92beb781b2edeb0ce98_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6438.tmp"C:\Users\Admin\AppData\Local\Temp\6438.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-23_55dbeacea344b92beb781b2edeb0ce98_mafia.exe 526DFD78EA493BD34C55898DC1E9FCC4E53A69A2E125D838BC02EE2E48E1A9895AADF44D491D6DE9BDFA87FAE4AB575FB044D4322C6BD8E965DB6C75E2A643122⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD531a18985a8961b0b813a5ba66ba6f158
SHA1188b2f4340218ef4d8957db0abf45ba2c6165a70
SHA256e3135413d1a868d74edc2281fbb5490c726574034343af58b554ab2422b71cd6
SHA512c5d5ecc1b5c092543cc57e4d4cd0944ff8bb16d267da03a204eaa9ac32e5f628c492f0b3c721f1269967b515d169ba3657288b1cddcceec25ac03d74ce02c5da