Analysis
-
max time kernel
144s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
25-02-2024 08:33
General
-
Target
2024-02-25_bf94ec99ebbdb06fa3291da575aa1b59_mafia.exe
-
Size
444KB
-
MD5
bf94ec99ebbdb06fa3291da575aa1b59
-
SHA1
b5f24c1d88b73aa5f7f5a77a9d620cb827ea9336
-
SHA256
a5f682609e199d9754130b4db48b1f35de7fa9b91cfeb860fa0c3eb81ff0a5d6
-
SHA512
0b79a96c5045cc38deec78269e2a75051a45352e561e2b792f5a0786aa704f7c13cdbbbf3db7ee9806d919de8d7247010d5b35a0783a4d02a079a86f4c2631aa
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStZ0ChWqPz7mU0mqLfkg+48WpDO3GzDgNn643:Nb4bZudi79LtxTCWpDOP64mnnDA
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_bf94ec99ebbdb06fa3291da575aa1b59_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_bf94ec99ebbdb06fa3291da575aa1b59_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\AB82.tmp"C:\Users\Admin\AppData\Local\Temp\AB82.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-25_bf94ec99ebbdb06fa3291da575aa1b59_mafia.exe 2E84EC0DD89E6D0B246B71FF4E70F814DE29DD0D100EA7BDBD000C2DA695411689C4DF4EA9FC5ECF99381140F072214B55BC0C2C528A8CDD0F8113F72A92A9E92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD56735a8cd0ce5c991d60d04b39dedaa4f
SHA1b646be5e030c5fd13f5734a48c6b3b83b7399b4e
SHA256fd5349ed0beb2447e2025688e3921bc2156446a3d98e93d11c44b5c96759beb3
SHA512e6e778a54c1c39ec83e70c5f14c602aadf73b761dd9860a2fb46ae002004363c74fed0b1500a1007f925f7d110ff0e2f7a3e7f8915fe2d34c49c12b68014004c