Analysis
-
max time kernel
150s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
05/03/2024, 10:34
General
-
Target
2024-03-05_899b9f8e5a5ca723757e6c1cabcce5d5_mafia.exe
-
Size
486KB
-
MD5
899b9f8e5a5ca723757e6c1cabcce5d5
-
SHA1
5451d544ac05eb73ed55ac2b66ef0ccbb43afa9b
-
SHA256
d8598b0ff113e01ffeb628b1dba87ebad7d4ac12adaae6ebc59a060d623b615a
-
SHA512
3abfda74e612f1a95e521381eb4ffd0f07407f09bfe947a39f3c19702fd878e4dfb9db0761cfe544d9dc03b49bbbd9001e3335bd97cb03f78e44649f84758413
-
SSDEEP
12288:3O4rfItL8HPmtNmnuek7S+x1XtBGyeDSd7mCT7rKxUYXhW:3O4rQtGPmnzGU1dIyZdy83KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-05_899b9f8e5a5ca723757e6c1cabcce5d5_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-05_899b9f8e5a5ca723757e6c1cabcce5d5_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\53BD.tmp"C:\Users\Admin\AppData\Local\Temp\53BD.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-05_899b9f8e5a5ca723757e6c1cabcce5d5_mafia.exe C310210B4378A0296560B9BC841CA4455225B586F7D4345820F23429FDE2DA3203F463A02A4C026B378711B07EBD95FDA3C6BC24A3BF6B8756CF54C44F6B3DC32⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5b94944808d55e71078ee547c3ec62166
SHA1ce8d09bba7cb417e71c2fff477e5b35a63f43936
SHA256b35820f058c0f78bb555d646097ff6fb7e026941cfa46aa3f1b54eaf82852643
SHA512bd3dc423528a391f23f22faaad6a845479d193f55c80da3c0fab9bb5071def9132edf7b08e7ff76bed8b3657e83f7fcdfd11384dae8ea0d81c368f0b0b1e312c