Analysis
-
max time kernel
161s -
max time network
189s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
06/03/2024, 02:22
General
-
Target
2024-03-06_15797df27b16ad67b58bfc9e1ff10606_mafia.exe
-
Size
468KB
-
MD5
15797df27b16ad67b58bfc9e1ff10606
-
SHA1
118fb5704cbd01337e7a1b13a434946f46d4d3f5
-
SHA256
60b8e96a86b631f8b3b3dadd901b6aa09c3706777d622dbd0865c5d989178192
-
SHA512
91e7a3db044bec0d886deafedbd19dbc34530dfb5da270d5e118c8555f2a3fd046f517a71ea138d7d8a20996668f03f687168b1e0145ec73754ae889da5f8b1c
-
SSDEEP
12288:qO4rfItL8HGhlrcjUsd6vraKQnRxqIbK7bWmeEVGL:qO4rQtGGjgjUsIvraKQ3bKumeEVGL
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-06_15797df27b16ad67b58bfc9e1ff10606_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-06_15797df27b16ad67b58bfc9e1ff10606_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\21E.tmp"C:\Users\Admin\AppData\Local\Temp\21E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-06_15797df27b16ad67b58bfc9e1ff10606_mafia.exe 44B41507B532F466BB4B99215AD3990C5A32DB8D8D5A7DD39CF75183A6703495153CA62BECA3E4DA58A1F79F1158D41A264A9A9EF7DF05474D9853ED4CAB02392⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD587a85760d6fcb6d337b625cc07e95bed
SHA1e889effc77a76a809d95ae84e0b374b455b647e9
SHA25669f45a44c614c174fac5135c1773c75b9abfc8ef940b6b632ef12d5d59aed5cc
SHA51277250accd7b0baaf853437bd85ad606aa0f91021badd59e2e209f5fbe2a6ac34a2f28ec4dc40a3412cf253310d11095795336ffe435789956d3c6c7a71ffbd23