Analysis
-
max time kernel
150s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
24/02/2024, 09:44
General
-
Target
2024-02-24_999d7e6d02a87e0929d150a09b9cf7c4_mafia.exe
-
Size
444KB
-
MD5
999d7e6d02a87e0929d150a09b9cf7c4
-
SHA1
796b5bb0adf4e16760100343f327bf2752d0dbab
-
SHA256
ec7a785df43306d3dff9828c62713314e9f2dca96cc95e1f8025443d21ae23f3
-
SHA512
286c988382ff378e2d1124f0c0e8d0fdf8a48b8980391c8e2a181e3c750f7951d10250534e3efc3ee75f1863c2961d7588dd52b8f8963b82ea40c34dd34196f5
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStIvWpBcDE5peUSRlPYJMolbPPD1yXJu8bvky:Nb4bZudi79LjCco5TMGlbhyXzwTcQpA
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-24_999d7e6d02a87e0929d150a09b9cf7c4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-24_999d7e6d02a87e0929d150a09b9cf7c4_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3940.tmp"C:\Users\Admin\AppData\Local\Temp\3940.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-24_999d7e6d02a87e0929d150a09b9cf7c4_mafia.exe 34912D29EB60554BDA09088BCFCABC794AB5A5F338475086FEC5EF339D26A72AB336DE08A9FD4161E62F56B7BD62AEEC3822D1AD752AB6409577C09ABECB0BC02⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD52fb3583b269e0289aeef1a06b079e3bb
SHA1aae852c4c2bdc7b55d494085d2bb92406329ecd8
SHA256b9f9fd767e29fc3a5185bb3b23b97e47692aa8d798a46aa919fc079b3bc2753a
SHA51238ab7282a235e33e38982ab54911900f5c0b09a6e35c1b7d1dbf4b95222d3ebac306670dfa396831b63fc01f0974ae68de45f937ccc0716a4bfa580b7ab982b8