Analysis
-
max time kernel
143s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
23/02/2024, 06:10
General
-
Target
2024-02-23_a745910533950c995958ce3e96c3f6d7_mafia.exe
-
Size
479KB
-
MD5
a745910533950c995958ce3e96c3f6d7
-
SHA1
3caad768e5c5f72826762f55463b8ba70800cb69
-
SHA256
1c5a2dd7593e00127cd9d52875a4a408a3d5aa32c9c6fa0fa9eb462e419b593c
-
SHA512
a8d10e4cf80c26712d3731f69a2ccaffa942e43c332ef30ffe8f1049c3a8ff1f461c6b3070ec1c5bdb41a22c14c1b8d2ee19cdd634d1ce8170fbeb517420c83f
-
SSDEEP
6144:b9EyS4oMxIkjxcWqHtg88HARRUM+8Nv6VWx57lOC3zS7xvPGfXObm3eoFIBoTs7d:bO4rfItL8HAvhjHzSZGfXOb8eXUC75UO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_a745910533950c995958ce3e96c3f6d7_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_a745910533950c995958ce3e96c3f6d7_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FC23.tmp"C:\Users\Admin\AppData\Local\Temp\FC23.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-23_a745910533950c995958ce3e96c3f6d7_mafia.exe 4DADF98C1E3FF12CAA4634EED15BB7AB01FCE4CCE003FD3DBA2CE8B3EFEE6ADC5E60347F17E67F90FCF39A4C7EFEA7ADDF667EB2B9F3D7A09F45A01954EA8E3E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5f769b296e6e0b21da965ae24559e5579
SHA10848601b1ae99ce8edac837b07fb0205fe1a420e
SHA256a5fa1ea522dcbc518b7af811cca7da1050f52512288bc2b1907bc276f9e386e6
SHA512bd3ae379f98853d3d6afe3d4f7b63580f0ba628b08d29f073fa31abd7f934fa9026d2935a32ba2b7410994f69c30a53804193ec8187dae9958ddbf672883d6c8