Analysis
-
max time kernel
150s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
28/02/2024, 16:28
General
-
Target
2024-02-28_095385be868ac63726ed7ba39901493e_mafia.exe
-
Size
476KB
-
MD5
095385be868ac63726ed7ba39901493e
-
SHA1
c796e5737adab6e80afbe2e1a594eedf0ac79b60
-
SHA256
449055abda52adc780b122244b92118ec597be4594f9444805547ad5e97cebaa
-
SHA512
f18bff7b7bcc9664c597cee3ad1ec9640f9305034d4362e43c0c7f892a01f11b590e02b6aa78fb877642b2a8f3d8a09800fd666fe6575187093e90dfc0a07d3b
-
SSDEEP
12288:aO4rfItL8HRWTy65Rihh4g5TjaVTA7K9wlsDpVFd:aO4rQtGRn6uhdsC+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_095385be868ac63726ed7ba39901493e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_095385be868ac63726ed7ba39901493e_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\34BC.tmp"C:\Users\Admin\AppData\Local\Temp\34BC.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-28_095385be868ac63726ed7ba39901493e_mafia.exe F779FA35C6F7949ABC40F495D15EC0B6C79784DA5A624FE44E2D2EFAF728682F0C81A4AC445C549B28F3664C25F4013C203430FB00ED48F50BCB835756FFF79F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5d8b12e224f11cb65c279aa3653802f49
SHA16c1dafde6b9640ed9c31c3f44e90d84d754f1cba
SHA256f4e31521f128b7a03f274cc841b144484570a13d35dfd778f672e8b6be55d8f8
SHA512f1fef1720df567ed7cd265b49e75fa69bc93ee73cfcee5d4b15fa7a95838eec41b64efb68d702997b58fa57d3ebd2a3a4153ade5befb6fbcd8493a234fd27665