Analysis
-
max time kernel
92s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
23/02/2024, 06:30
General
-
Target
2024-02-23_fef5e364ea68def6599547df331822be_mafia.exe
-
Size
479KB
-
MD5
fef5e364ea68def6599547df331822be
-
SHA1
6d6ced82f86910859fbe3301a505e8ded8cc8f8e
-
SHA256
ea2f1e74ddd1f2c847ce7f6cd68701bcc2fae77a7ea68f207e9912df9d4b01d8
-
SHA512
70650e57fd61fe0f46c0e0c1ae03701e5bec51790a514d3547f3bd740ea20418be2da3eb8c56f3a4203a5d73b9d74f60a59ee3fd68bf0b082e409ce20dd66243
-
SSDEEP
12288:bO4rfItL8HA6L7Dk4g7j8wBmIW/rccSyEKHfKQ6jA75UO:bO4rQtGA6Lvk4gHxmI9cSo/6jAVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_fef5e364ea68def6599547df331822be_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_fef5e364ea68def6599547df331822be_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\471B.tmp"C:\Users\Admin\AppData\Local\Temp\471B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-23_fef5e364ea68def6599547df331822be_mafia.exe 5AC0D0B3DBC0714D1045BA4AB7356BA89184D8DEE4D3CB22CBDA0A50B04D7FA8DE824EEB5B7E79D8AC7B57FE8EBBD500BF9793AB701691175F4773B773CDDFF92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD54b9666952fe6f0339ca7918c0d22516d
SHA1ae640c908fc290675f4c7be22219f5e3d64e59b4
SHA2563e3a499c51798aed2e9d642a0a66615a68ec088cb3d1fd6df41c1f0c5f568df4
SHA5125ae5409985bb908962f32962cc38864b153934772afaedc982466fe857fa89249c3a22668f5037a846cf8fdff60d91f7ec917783ca00367781535f3e00f76183