Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
06-03-2024 15:39
General
-
Target
2024-03-06_7f7001c4f63edd5cdb48b0ba66be9eb2_mafia.exe
-
Size
433KB
-
MD5
7f7001c4f63edd5cdb48b0ba66be9eb2
-
SHA1
081574d261ff837a9ce6a6d94d2e699686743c64
-
SHA256
86fea582c43ba58d1da84c839c2936733d9a0bd6ad7181d2c901a9d53dde8bbe
-
SHA512
b0c969ad0b61788a7ba389b51dc2c4024a2c41166abed4799613136e3b15d24cdf1226cac1eebb9b7b0baef197069ef3164eec216a364cf0cf1922822e9af547
-
SSDEEP
12288:Ci4g+yU+0pAiv+TVcFZ2wMqtG1fTrgOfg2TOn:Ci4gXn0pD+pEUqExTEOfra
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-06_7f7001c4f63edd5cdb48b0ba66be9eb2_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-06_7f7001c4f63edd5cdb48b0ba66be9eb2_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\46FC.tmp"C:\Users\Admin\AppData\Local\Temp\46FC.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-06_7f7001c4f63edd5cdb48b0ba66be9eb2_mafia.exe 235482E2F9B1A03EB0E903E16E6BA012E1608AC5C26C18D8D827546CED6639A664ED0A895AEB8D0ADFE9DBD4B7A8A3D623949E66C09F77216C5AE7017ECAC9A92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD51841718eea91aa31c2dec76b7e6331dd
SHA107151b07fc961658a8f01e667ff8e9c2ed206102
SHA2568841e3f246fff790cb4d03cf54c22036e3f42e78e8a76bb80058f0859ea58def
SHA512a14b8a93cde445e4cff342aa801db5d69d1630a9cd146017d66a49adf140d0c9b577b73fec9d5aee7f89746d81e41edc5aa0617995155560d7ac49f7325605da