Analysis
-
max time kernel
141s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
23/02/2024, 05:50
General
-
Target
2024-02-23_7282d79bf9211b481815b91129df8c6d_mafia.exe
-
Size
613KB
-
MD5
7282d79bf9211b481815b91129df8c6d
-
SHA1
66cc6cc838a994c32a38f859ec73cd1e9fef2b08
-
SHA256
ad8afc243951f168da3f836462fd91ce32c652f6e515c6a3c15f2ef0ff3b6131
-
SHA512
39268b6b0caebc34ea960c663a0e1d2c9de2e3febdb8d40630bc486216d165ae60030d5c395be7da205dcc01931efcfdec6cca6ba599d3cb8ef8dc0942061359
-
SSDEEP
12288:XO4rfItL8HP8FpnwGfaxKikK1ML9a7Q8mO4rfIt+2:XO4rQtGP8FxwJP7OLgdmO4rQt+2
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_7282d79bf9211b481815b91129df8c6d_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_7282d79bf9211b481815b91129df8c6d_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\EDEA.tmp"C:\Users\Admin\AppData\Local\Temp\EDEA.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-23_7282d79bf9211b481815b91129df8c6d_mafia.exe 13D76A1ADA122846A3F4839F6CF7646EDF30671865A273FBAF2B291E705F0B85294D55A9030C00E0C7195154864A5FB85FFA850C1D4D48188DB5F9934841B41E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
613KB
MD52d5c8cc95fa24b3dcd4ad390344c8d85
SHA1ff35a287bbf0d0e5f9c3e9de6f4bd95185787ccc
SHA2567d8474810bd044abd4ff67771b583bba8ca14d1572f2a305baac81583e35111c
SHA51259719717d5583247f4c105225dfee00a49ec57f7b8da8cf5ad2ef740acd31b64c78db92004dd7be3bd8a358cc4ab6c3093c03002dec5876eb85be173b95d8f4d