Analysis
-
max time kernel
147s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
25/02/2024, 01:29
General
-
Target
2024-02-25_4702e681346544f3fda04d9c23f11309_mafia.exe
-
Size
479KB
-
MD5
4702e681346544f3fda04d9c23f11309
-
SHA1
fd782c35ae879fd60a89565dbd1b941e70200af8
-
SHA256
9a2364108a9fba1cc9a6cf533098760c2dc004a340232ed3f493b29dca214b23
-
SHA512
c2598df21b6135d0b5989e4ed12bad4435a228987fe347e6f7b0c36f41c72a35612a33d7205e05837c03f100277bea4f1cf375ed64646419270c411347f78e3a
-
SSDEEP
12288:bO4rfItL8HANEnyfmr40SLUlt7nmEnMQwG0Dl+N75UO:bO4rQtGANEt4KlRJF2l+NVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_4702e681346544f3fda04d9c23f11309_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_4702e681346544f3fda04d9c23f11309_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\65FD.tmp"C:\Users\Admin\AppData\Local\Temp\65FD.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-25_4702e681346544f3fda04d9c23f11309_mafia.exe 2F0737376EA1B48441985DD0D3F0C03C2D5179E78EED695A36C73D22D63EDE311EF45393B6EF94025297B6AD9FE9BEDBC5BC8A6BF16262C082B05A76C23A8A862⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5281f959ede3569afd0565c1dbe706769
SHA183d53d670ff7ce4aad70d373ec11751baf062dd1
SHA2560b646e2dee244c8f15e405694021137138647d5c7eee2de45eeb69fb13a1cfd1
SHA5126717bcdab3fc9aafe61654ab92a4dcc4ed2b8f41131755fa8202811cd69665d0b2707230f2851491afdcea211522c6c417f5bfdd3128b6aeee8856df680963c0