Analysis
-
max time kernel
145s -
max time network
126s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
06/03/2024, 15:55
General
-
Target
2024-03-06_f05d789e71b3dc6a592edf897a0a3a64_mafia.exe
-
Size
444KB
-
MD5
f05d789e71b3dc6a592edf897a0a3a64
-
SHA1
4a988e05430348e153a6a4a2c0bca14d9fd345c4
-
SHA256
31b920d0cd53a7cf267ea8f44497bfcdbdc73457dadbf194ddbe4b9f9c5b4d1a
-
SHA512
7eb34798d3fc6d72fe7f29341929df30cb711a09b36f7c9da74074c539628331859b9396c6150d805465ac76c57f3064ac4772b40b2c719de94a3eabb0a0bc5f
-
SSDEEP
12288:Nb4bZudi79LIxkpLqopvYSAXbdjaNbqJKqKA:Nb4bcdkLIx8LPoXdaNWD
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-06_f05d789e71b3dc6a592edf897a0a3a64_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-06_f05d789e71b3dc6a592edf897a0a3a64_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4D35.tmp"C:\Users\Admin\AppData\Local\Temp\4D35.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-06_f05d789e71b3dc6a592edf897a0a3a64_mafia.exe 23652F996CF9FF8205139F3B5BA8445BC4727FB1475B38A2EFF1235C6182CF43563D284D124A37887DFE025C6AD6591242271C450510BDDFFF06590E43F76B1B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD52592deaf16b4d92f2faf8b5db355f89e
SHA17ae711e61c8763d51473188f0d4fa3e4c648f98a
SHA256717a995cb49dee1e6e1eaba670cee9fb363d0bb1e90d4d490a13b52e1753947e
SHA512c0e5889c119238b7d6a89586d6e40a1d23e7a7b5e0d6dc4ae509d1bf0abb4afc9021945f584eef3017166c664d0ae2932668456cb6001d483ff193df19fe12ab