Analysis
-
max time kernel
93s -
max time network
127s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
24/02/2024, 18:13
General
-
Target
2024-02-24_da263bd6937f03408b3cc66c52e56de3_mafia.exe
-
Size
443KB
-
MD5
da263bd6937f03408b3cc66c52e56de3
-
SHA1
9f0e3ec57ae9fa6cbf27d5c38fb9cc7b2b79a17f
-
SHA256
884855f0751017de85d2391ce351df461cb7f10d739ef4201742c1309621687e
-
SHA512
d17b22ba4b1a8c7bf4b0da71ea54bf5815fcfb05dbe883ff1bd2844d9e621d61394fb6b6b3677acce99be0e35ca25dd2bd2d4a8e43242f72037819ef1a9e7ec6
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BYX8ELzUb8WTosQ7ZYPHSF9m3lMa:Wq4w/ekieZgU6080UgyWwyFU3lMa
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-24_da263bd6937f03408b3cc66c52e56de3_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-24_da263bd6937f03408b3cc66c52e56de3_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\37C9.tmp"C:\Users\Admin\AppData\Local\Temp\37C9.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-24_da263bd6937f03408b3cc66c52e56de3_mafia.exe 2C56029A95B36297A5A4FBACA36AC40C491EB404E00F3108CB879BF0E67BD0FC518F2980B177C70514B2BA7DCDCF0948A957CA3D5CA5CFD98935BCFA4879C6EF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD5ac4ae729f8ad6f2729692dac4b2c11d1
SHA1bffd48e90b7309398ce9b0497294fd4cbe1fd0de
SHA25624255d73fc837176c562e19964585c1829215c70f4c8feb0535fde88f6fd94c0
SHA512723aeed3ed1cd8969eccf5c958000f59f5bca10090f33e19307d617e0fe56ea4496a82c78873ca2042620b449aecd1978ed50247aa75948cf0b677e3b7985f25