Analysis
-
max time kernel
94s -
max time network
126s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
24/02/2024, 19:37
General
-
Target
2024-02-24_6b776e4ee978ee31573037101ed09d42_mafia.exe
-
Size
479KB
-
MD5
6b776e4ee978ee31573037101ed09d42
-
SHA1
88d4bfc7776fb465fc502beca797e009d76a4a45
-
SHA256
e0af6a836be86bc8a02218778380929ca088501c727fa8d1221bdc178d88d5f9
-
SHA512
c8383f92c588f2135bbd7910ca976df0ad54d248fc44fb3638644112727cd6af7ed6050f5279b6ee461b9b98645515a67c6d8e354dbff93d87bb51ec297e98e2
-
SSDEEP
12288:bO4rfItL8HAnphpQxqVFmz6PY0Nw875UO:bO4rQtGApwxqHUgVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-24_6b776e4ee978ee31573037101ed09d42_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-24_6b776e4ee978ee31573037101ed09d42_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\374C.tmp"C:\Users\Admin\AppData\Local\Temp\374C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-24_6b776e4ee978ee31573037101ed09d42_mafia.exe E7BBA08BD230DDC7887190B243850AF22F7DCA33AAEA1BA51E2E9DFBAFA82A78339A88EC7693C4E48900E740BE415B01A3E3DFCE3A3686973C97FCFBC8CCD2E02⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD51bbc5f6bf92792ee83369acb9d68f141
SHA1aa6ea8033ab37262fc8b9676bbf97df5e00a2522
SHA25654a45169de6010b625122e5784843664d082ec36243d10ed14e510f12b96cccf
SHA512559fc7622a199e40f7bbf766b69c587e00a466cf705dd04a5fa07036e9a6808d0e365a2351911ddf1bbd5f403bb3d80e04b166aac65767f5fd678191a9135eff