Analysis
-
max time kernel
92s -
max time network
127s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
25/02/2024, 12:59
General
-
Target
2024-02-25_e83bf0ac0b4ec126f30f4ef7435efe66_mafia.exe
-
Size
433KB
-
MD5
e83bf0ac0b4ec126f30f4ef7435efe66
-
SHA1
7ba05e088a07394161917b316448d69335451134
-
SHA256
afbce042bf2e68afd7789611eabd1408f773b622adebd183dcf3b9911ee6e66f
-
SHA512
cb4a56af30cf8d9910e33d3ba9dd396e0d8f853d46898d774cc630bcdbf19f5c5c3f6d7d2635830c088ad8f7e03e23a9a71cecd3432d24c93d325c2eccb45a6c
-
SSDEEP
12288:Ci4g+yU+0pAiv+CtFq0VI1ohxkpkquUyIjWn:Ci4gXn0pD+Cbq0bkpkq9zS
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_e83bf0ac0b4ec126f30f4ef7435efe66_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_e83bf0ac0b4ec126f30f4ef7435efe66_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\29CF.tmp"C:\Users\Admin\AppData\Local\Temp\29CF.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-25_e83bf0ac0b4ec126f30f4ef7435efe66_mafia.exe 04713E447BD5C338923DEF71B78CEAF0B005EADB163D8A4B1BB1CAF52968A0682194FB767F8009AA573B4761473889AF00D15A6FB8CAF875760DDFD979F770D42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5d0fceb3b6acc0c3ed018ee5a100d9032
SHA129d4f6afe07c40f3ccd53a4d979b2ee64a89637a
SHA256a6201fb6b0d50e5ceeb67d7d61cb837d4e3473f1496b68a33c45f0f52937f86c
SHA512db8b959f16d1c2b34e095271828e30cddc9be75860d860db272547d54c10499824d95c81beab440ec6128262ffe03ca6c99edea84c5e6faec6fc3fc93f159819