Analysis
-
max time kernel
143s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
25-02-2024 05:26
General
-
Target
2024-02-25_09b0332435213349cc7c9cbec0d6a5d6_mafia.exe
-
Size
444KB
-
MD5
09b0332435213349cc7c9cbec0d6a5d6
-
SHA1
f7bbdc0c709e826afd5b5206638212e0a8ecc454
-
SHA256
cf32c3b56e5d6ffaf038169bac1d9583c048570b6c23ba6f231ff7cad44bfbde
-
SHA512
b571df27e6ee2a9b000a29b54b286f5ed420f609c8ec94d8305d257403131ca34ed89946d76de96604b3158abadcdd683944f5078d37e77b20761be63f38b30b
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStha13gQU9G7UIla0Y8ZXlyCV7pIM4fFdVDl8:Nb4bZudi79LWg7UR0Y+b4fRkkA
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_09b0332435213349cc7c9cbec0d6a5d6_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_09b0332435213349cc7c9cbec0d6a5d6_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\867.tmp"C:\Users\Admin\AppData\Local\Temp\867.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-25_09b0332435213349cc7c9cbec0d6a5d6_mafia.exe 51AED7B69BA5765058753F7DDDBC0E071CFA0A05EDD86A908531F544F9D9A4DC54B5509251A6F408F7CCD9ADE217DD85926B3736ABB31EF5A8BF0C967697E3F32⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD598414d1bf3a26e34c28ef1b2db7935e3
SHA15a161c05b70924cb45f15a2e013f94ae885eae51
SHA256039250e2d9fde0628698e00c667c00a30ef63f39f95556fbdc8ca4a823bbde85
SHA5122f74729aee39e890ac83764462bfb54b234b7341f6a63ca264c84746cb2ca2d7f23ff8f3f960518d77d853033be961c32adbf174f095175cb9028661f369f873