Analysis
-
max time kernel
147s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
05-03-2024 10:37
General
-
Target
2024-03-05_aaf87d54ea41e066cb3bc6018a9cd4f6_mafia.exe
-
Size
414KB
-
MD5
aaf87d54ea41e066cb3bc6018a9cd4f6
-
SHA1
80a696517a475d7ae597033c0b6c3eb4a98d5584
-
SHA256
294c33fcc48f7ab89acbf33f9d17b96d384f9cb0a7e9fb83cdb6b7cdfbd5d1df
-
SHA512
2faa14975298ac7e895f82d0c25c40e0e28cdecf3633ee2046a459b99f8796af931a7773b183c08a31e9f46be682f7504e04004a79c6f096b1edf2b223f61ccf
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BYdfNfS7hWcBPj/DUjkZedq/A0611UV+l:Wq4w/ekieZgU6gBCsOPLDEXI/P6Xl
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-05_aaf87d54ea41e066cb3bc6018a9cd4f6_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-05_aaf87d54ea41e066cb3bc6018a9cd4f6_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\55C1.tmp"C:\Users\Admin\AppData\Local\Temp\55C1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-05_aaf87d54ea41e066cb3bc6018a9cd4f6_mafia.exe 59F64CAF14737D9543CFA79A8AF865070E7131B1ABC5CF9FED8D6BD422BD1E081C0DD969F4569A1E16C697E39E7D79E9FEC1BE3F2978DB308F440386AFAA8D3C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD5405057dd748aac61066e9f0eb62f4c3c
SHA18531c427544836b304c858bf0c83e5b44dea1bce
SHA25614fd728f11d4943e219e1d8e2e5ba47e074c8920746c714e101688b358ebf110
SHA51284d3321fdf900b96ac3decaa5b8135bb32aba48c7f933333ac94c3a20dd91411b7bc38a0e0d5c4efc7e8f450c8217b3a077c5d7df2ae1817edf2556b92606ed8