Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
05-03-2024 08:34
General
-
Target
2024-03-05_6f70b9bb3d2326f403bb87b2c142776c_mafia.exe
-
Size
468KB
-
MD5
6f70b9bb3d2326f403bb87b2c142776c
-
SHA1
bb893e23c3e432a6b9c880926bc5819a550a5918
-
SHA256
44c0cff359bd49b81254dbf640e60e3eb6e7182e3b4048b9ec8a611f6466ce82
-
SHA512
1d1876e0ed6660d4797855c1e10e8b8740b9d3b3e519b3024b2000a6a8f7706565b5ce2d97432f05cebc0bea0ba94c400a4632728575f9feb65e040b5be931d0
-
SSDEEP
12288:qO4rfItL8HGKblc6gxXfHsmwNiD7bWmeEVGL:qO4rQtGGPxvMlN0umeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-05_6f70b9bb3d2326f403bb87b2c142776c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-05_6f70b9bb3d2326f403bb87b2c142776c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4F87.tmp"C:\Users\Admin\AppData\Local\Temp\4F87.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-05_6f70b9bb3d2326f403bb87b2c142776c_mafia.exe 54DB70DDD608BE4BFC2B3B38FAA719B4548ECBED208542CAFE6254BC367036587FB45B5C93976C79CB10E8956B52B78CFC4E6DE899D75C7AB0AF4BEAC328DE1D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD58bf9b7008254cff1433bdd5be74ea9b1
SHA1ddedba87d272a26ea0ad2604f0c8284a753354d6
SHA256eecfa2491386b2e6a76c4df1af57bd745950ab9753c7247872ab013e4daed0d2
SHA5127abe406673b6a2dd4e188801b79eab9f4f7a151dcc6eab8cd65431efba5b7e0a23e2b41455eed9f8f6bf821ea3354294625ba78ebcfb45d131f83de5d4d05bc7