Analysis
-
max time kernel
149s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
28-02-2024 20:27
General
-
Target
2024-02-28_15d67c1282170f63c81e1458ff89bdf3_mafia.exe
-
Size
486KB
-
MD5
15d67c1282170f63c81e1458ff89bdf3
-
SHA1
684b254fd454ccac99bc994ccf16d326fb546ca6
-
SHA256
cf44fe342d0f77c4344899e0a3face8c3e8115f9bf371220c676f0f8c7aa3563
-
SHA512
b246f36f361c2e3f6e8efee9a8caeb78e9aa3bd689f279d92721f8cf18e8ac8072f851c13356cbc1d446230f7441c8ea2d5f1e7398d9b97f9f05836539f6cd42
-
SSDEEP
12288:3O4rfItL8HPQRHzduQIe1n+Hca7mBf34l7rKxUYXhW:3O4rQtGPQ5BFjYtl3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_15d67c1282170f63c81e1458ff89bdf3_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_15d67c1282170f63c81e1458ff89bdf3_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5081.tmp"C:\Users\Admin\AppData\Local\Temp\5081.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-28_15d67c1282170f63c81e1458ff89bdf3_mafia.exe 7D3178A00819FD295D2FE0760E3E7D5A58E769C954FAEF0456E354C0031DBA48DFDA45809B6ABB8D2CD0093D572BB276160492CB7136352F1FECC2CD0B9A71282⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD562c2688cd6dff6e1b3f5dab247a084a3
SHA183aa0dace125d41f4531663b2d653b1a7db6ba1a
SHA256729dd87ff59857a668856b9891454e0af620d8d4a20f421bb228f7f3cb6d9e98
SHA5129f2aa94dde12a264117dad344de58da92e9839f2a8ab5e659b7fb75e478d6dbc66c573359088d6ff6e3acb52be9382a9354f5bf4ac81d5fe2ec35fe27c78fc69