Analysis
-
max time kernel
94s -
max time network
113s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
28/02/2024, 05:23
General
-
Target
2024-02-28_01f2fda7ee6f61528d1b145a028abec9_mafia.exe
-
Size
468KB
-
MD5
01f2fda7ee6f61528d1b145a028abec9
-
SHA1
ded63e9ef01bff8007ad9336b667a741b02bc1b3
-
SHA256
1e29cfa59e1c964f571119719bea663b837d3cd7a803e993b9077da649f9d9e7
-
SHA512
5649c475cf7f74f8ddac760717f2acded3565f45e9571d001264dd69aeb50e3dddb30258f4d00a66555ba01dc7faa9046968d1a4f59850f3033bf4244154a7b5
-
SSDEEP
12288:qO4rfItL8HGHK+yn2SthdYWpFUHc1+0l7bWmeEVGL:qO4rQtGGH4n2UrLpU2umeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_01f2fda7ee6f61528d1b145a028abec9_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_01f2fda7ee6f61528d1b145a028abec9_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3141.tmp"C:\Users\Admin\AppData\Local\Temp\3141.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-28_01f2fda7ee6f61528d1b145a028abec9_mafia.exe 737771568D2DA1E8DABAAB2366C6C1A08758A632A73309EE5496CF6CA58423B3D85FB916B6B2201BC0146C0FF983A993EBF21C079C95E5658456B63E2E6287942⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD55ff291ad4b788dbb2221b5bf6330d51b
SHA178f597a799bca61dbde6ea5e149fafa2fe7286af
SHA2560de6838886bcff64192de2dd7ebe7858346fd71dedd48ecba179637e22df310e
SHA512a79fd1f35e0e806308fef8a2be091cca1011a24e96bf848362665ca4e47d9d74fc6a773a11827cae3ab113215541df44cde186b589609a6e8f08bfc452880aab