Analysis
-
max time kernel
148s -
max time network
161s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
24-02-2024 08:44
General
-
Target
2024-02-24_da5e7ebc2bfdb252dda6d748ac16f7bb_mafia.exe
-
Size
444KB
-
MD5
da5e7ebc2bfdb252dda6d748ac16f7bb
-
SHA1
46d6c0707f63b9433e8036cb1ead1d16ca1a221b
-
SHA256
635376029d09c9cd29146535681a26e1ed2abd2e6c7602022c290ccba724d31a
-
SHA512
810d5e4f6f7262b77c1946adfec55502c81bacdbaba59a0291836fdb416511d146e2f636494a760678dcbb4762361b953e53ab0abe9b8e56d3842f93fe77632c
-
SSDEEP
12288:Nb4bZudi79LTSXrdvDB44Gki/4Z9fzjt9iajoyA:Nb4bcdkLTuhvNNCqt3i
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-24_da5e7ebc2bfdb252dda6d748ac16f7bb_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-24_da5e7ebc2bfdb252dda6d748ac16f7bb_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5FA4.tmp"C:\Users\Admin\AppData\Local\Temp\5FA4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-24_da5e7ebc2bfdb252dda6d748ac16f7bb_mafia.exe 8E16B1D3F1475352B904F9719EA5833CDC0578C765C80AD0D321D23C9483F63370C831135E8A07C2A30B0AA028726D8853EE0A95498844B7C7D689B71C1C0F152⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD5929ce6a1a033596e4d038a9672a01161
SHA1a33759b8d821baba0b9a0a087ca973534c37c7eb
SHA256b6e7e9d40c2e4dfb0b9f270c68eab2ab26611458f929d561a404ea8e1045aee9
SHA51232b07cdaa5c51a30f9101c707ff0be386d4d57f96ac073edd99333894c6f77271792a2ab74f3d04ed47f03ada6a22ebea034ffda8d802e47e782e2ba8ed836a7