Analysis
-
max time kernel
92s -
max time network
116s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
25/02/2024, 11:35
General
-
Target
2024-02-25_baa2576f6d76577d97129373c6a2f894_mafia.exe
-
Size
486KB
-
MD5
baa2576f6d76577d97129373c6a2f894
-
SHA1
6ce5619495a17834baaa2ce50f4d4678637b6203
-
SHA256
e77347325cd048e05081ada8bf4c63386defa12f93080fb03b17ebc8f072866d
-
SHA512
b5599a9772a36c4855b92e31143cf6b398318e8462b49278fdb552507657c8f93c8ee7fad70710bf01ca0edf14ec45b03b2445a4f5abc132fad0426d2b504608
-
SSDEEP
12288:3O4rfItL8HPxlWuZ2h2/Ek3QjRcOpS7EJUS6XXD/7rKxUYXhW:3O4rQtGPxltZE2/Ek3QjC6S7/XXD3Kx2
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_baa2576f6d76577d97129373c6a2f894_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_baa2576f6d76577d97129373c6a2f894_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3D76.tmp"C:\Users\Admin\AppData\Local\Temp\3D76.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-25_baa2576f6d76577d97129373c6a2f894_mafia.exe E8485FED81AF74C00458D4AA52E7FF4FAC7D0AA0F26891C5BC5C58C631A349C9D44D45E09367CDA12B08E09B44D4CF3953202F471E50284B0A7C0A9FBBE97A542⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD582dab93cba0dd830791b62e8e456ff64
SHA1895fbef21a6410a93e9571b43db33bfebcb46df6
SHA256a077ca55290249ce864807c25a9459c98ccdbdf50de57f91ebba40ffabb0a629
SHA51269bda47c0dad2c945c5d8acc50a37594c6514164f6ecdd7d870d4cf73f28c45e1f7a00012a62869fd642167bb76210ebdaa9d233dbc8fe7e3797eefb5ea74a9b