Analysis
-
max time kernel
104s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
05-03-2024 15:36
General
-
Target
2024-03-05_8fff270a1c8c948ce955b3a95e9abb48_mafia.exe
-
Size
435KB
-
MD5
8fff270a1c8c948ce955b3a95e9abb48
-
SHA1
8e56f769776c2caa207c6bc39ed05989e77224dc
-
SHA256
87f3092e43a89bf4f8aa3f08cfc78b8f6d7c0086d42bcc5a5fa63ab9be34b5be
-
SHA512
e3860b22ea532ca9df2d439bbdb4f8e69b2d2f47d1f2a728a41380146bd31f76171a00f3de3f7cc94c26746d2d1887b0b20c8fd9ad7f371c0f13a074c8e6f0be
-
SSDEEP
12288:9W4ufepiqKQ1mc42qdUAhQ5MGLZzkcKwtrotIJ:9W4ufepiqhmcxqiAhH+ZPBoW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-05_8fff270a1c8c948ce955b3a95e9abb48_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-05_8fff270a1c8c948ce955b3a95e9abb48_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\73C8.tmp"C:\Users\Admin\AppData\Local\Temp\73C8.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-05_8fff270a1c8c948ce955b3a95e9abb48_mafia.exe 92E35CA6354660CEC853766D55995D1A3C6FC3364C66299F358054F8FDBA49841BEC90978F0B79A4AC49477A9F4E0D8FC96032698E9741E577EF0A92D06E4CEC2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD585f23e1125b22653015957aaeafd756c
SHA1c57628745d2a312ff43e8a6da4d4f245b89a38f3
SHA256e7095c2e3adddaa43d1803d3375d1e8389f663d7925d2c8deb3204e35c6273f4
SHA512627847dcaebbbef82c64cc1005b3cb23bf7c71fe401e1091d2bf4b8bc0b4928319c0f27d983f1abb889d7e46a95c7f314cdee1d9667e63007664e980d7e43981