Analysis
-
max time kernel
146s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
23/02/2024, 09:28
General
-
Target
2024-02-23_16562069144155add5f3bb5660a41584_mafia.exe
-
Size
479KB
-
MD5
16562069144155add5f3bb5660a41584
-
SHA1
5eb215a3179da7e51850be412f3401f465885ef0
-
SHA256
8896ccc536aae8dd8836fc5d259aa5692dab0c0bcae46ccc332c94a07c49aa19
-
SHA512
e58030ac1f62006f2ed394cae363a73f7d91a328df2b5272549289522e715e8210f123b8978f477442df2e147acfa1d2a5a7b5a3f5a556db1c5bf0af6b62e420
-
SSDEEP
12288:bO4rfItL8HAooglMgcvYu9dUnfqik/Nq975UO:bO4rQtGAooWMg/wWf3CiVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_16562069144155add5f3bb5660a41584_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_16562069144155add5f3bb5660a41584_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\A44E.tmp"C:\Users\Admin\AppData\Local\Temp\A44E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-23_16562069144155add5f3bb5660a41584_mafia.exe 570124CD39D9CB636662D17FD7FE3A14F1CA1A8AD5AF5FD60B1AA633D4BADA8819E8F0F1278A29DDEC99F229807B3925163A004DD3BD68F961511AA6E17A945D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5a6317cdc7df60349eedb32efb517979e
SHA1b4a1f5cdb0d874924d7401458f35eda4c605f2e5
SHA256e9bd8e4f39f3924947c6b92a0de079044164e8dc7df4352c4fc38110968ac96b
SHA51236d9666885b86a49f074efd8570383617aa57eb548ad9fc823fab9f9763740437777ce4ea10cca718adaabd65cc080d87a61656f6039969bef3e29f54985f511