Analysis
-
max time kernel
146s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
23/02/2024, 06:50
General
-
Target
2024-02-23_920a56d6b0914216bfbb02cf98a4b488_mafia.exe
-
Size
473KB
-
MD5
920a56d6b0914216bfbb02cf98a4b488
-
SHA1
db9f8546d0f9de076d554b5e5d937c462699bd49
-
SHA256
5426dbdf565185587bb28ab77cdd35a4d9eaa309d529df6e8612a1e9c8bd92dd
-
SHA512
1ced5b5e62337217e57b7a724f4b941179e1a4ddbc918ea943062897d304b0a5997008e1b03706583fdd04c1520c2550ef6a95c23c88ab23c05a3e9f1de187db
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStrguO+fd3ZmGPBaFLlhL4jd6xkq5PhOUzmsJ:Nb4bZudi79LNuO+nodlhu6yWPz5SA0a
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_920a56d6b0914216bfbb02cf98a4b488_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_920a56d6b0914216bfbb02cf98a4b488_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\57D4.tmp"C:\Users\Admin\AppData\Local\Temp\57D4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-23_920a56d6b0914216bfbb02cf98a4b488_mafia.exe 68317D4218DEE03953F1BB045152010E0B10D642AB254E5A44FDE471939D785FB5DA6981F68781B765BDE05FBCA2A9930C9A158FBD07077CA5DE611F4DCB5A9E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD53e8f3a01b7cacb34bde153bbeb534a1e
SHA105bdbce2ef2c1e28ba5aca8d46062cb7f300b1ed
SHA256d5999b25f60451017ee5dbf64ecba41f33e4b698cbd709cf02a7f22dc081eaab
SHA5128c11849138eb8ea3ad0d27fbfc7d746095fb011fda4a25b9667286e5e93f5777a31a21ca2b979d90046c0844ac07d45bc6fe55989380db99d5c10d5e359d4ebf