Analysis
-
max time kernel
147s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
06/03/2024, 03:54
General
-
Target
2024-03-06_b4f4e5c7f8232bd4647a9a03dc3a6af0_mafia.exe
-
Size
433KB
-
MD5
b4f4e5c7f8232bd4647a9a03dc3a6af0
-
SHA1
ba7b645e44fb75774465b2d82dac341e7bd7ee8c
-
SHA256
725735eae3312d4d0e5929087c5f77cdf88627c7ae9581f38036e07d57d278ad
-
SHA512
9f40a20093c7c0b282c6ba1e2fdd1b96ed70c680f025f90b2df19db6fa566ace117b4574fd84de3957a6e4d370392fbe54c587b41cd156503258622a7665e8bf
-
SSDEEP
12288:Ci4g+yU+0pAiv+i9q2HYJRNYEEjAzCGMnD3tGa7++JzEn:Ci4gXn0pD+bwIrVzhMbtC+JzE
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-06_b4f4e5c7f8232bd4647a9a03dc3a6af0_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-06_b4f4e5c7f8232bd4647a9a03dc3a6af0_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\58FD.tmp"C:\Users\Admin\AppData\Local\Temp\58FD.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-06_b4f4e5c7f8232bd4647a9a03dc3a6af0_mafia.exe 8D73F96CD0B05502B579423C337CD63528DD5ACD5A0A1229B8CA4C3968D559F6AD0F60888874C1D73437AEAF9E343DFF4F1D6981465A60A2933A71B571F4A6902⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD55afbe5f2c4cb4bc02a54be3329237ddd
SHA10c20c8974479f37d063410c23c74fe52a1325da5
SHA256b0f47aab9ea395d84cd2b63992deca2b647f13d85828bbd72858a9e748710ca6
SHA5129aba8341aa982646db72a5fc91a3fc33c21590416656b7eaed64c2042600cfa38b841d3c95b6bac0fc78c2c0853ee8476e66a85e4bca33a31cf5e3a1b732420d