Analysis
-
max time kernel
93s -
max time network
124s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
29/02/2024, 08:32
General
-
Target
2024-02-29_3941cf69cd9230f7395a425f435b6c7f_mafia.exe
-
Size
433KB
-
MD5
3941cf69cd9230f7395a425f435b6c7f
-
SHA1
c0b8bca4b7df7c5d155deb8f8e284e640c5b52cf
-
SHA256
4538151f87f81a6bba3acf87c87341f06b177238dddc32008585ca1e9b78535b
-
SHA512
29e9c2e6f1c2b74930ef47e4597b05f5e1e6affab819723807286186cb125347f00e48556f8150423ab584ba534bb762c493f6b1adbd1a46b1da14d0e47a7154
-
SSDEEP
12288:Ci4g+yU+0pAiv+grV0pRtPz6FFv4nzrfmunn:Ci4gXn0pD+OoWv4vuq
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-29_3941cf69cd9230f7395a425f435b6c7f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-29_3941cf69cd9230f7395a425f435b6c7f_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\395F.tmp"C:\Users\Admin\AppData\Local\Temp\395F.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-29_3941cf69cd9230f7395a425f435b6c7f_mafia.exe 673FA7E013163BF0086A817D393CCCB26791D4419FC453476C721F5DD2D327898AB2DCEF126C12EF3B9FBDAA7494ACEE9AE5B412BED715CEA5EBB57173008ECE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD57c8141c9bcc4189f37a6e6ffe714db96
SHA1520b86207dcb3c855cb76f62c2657c265cecc9fd
SHA256f5f94426feb522545bbee6667d8c7cf513f9b18a3b8b7f5b62d96f310dea6290
SHA5128a7c19756009da352510dbf98c87bba42cc4ad468127783c67b2dc75dece16280f69080366faae7e061dcac246b39288da9c543e0d27f87537462f5bd4ec951f