Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
07/03/2024, 00:40
General
-
Target
2024-03-07_493ea6773af74e91b7c93c71622e8799_mafia.exe
-
Size
468KB
-
MD5
493ea6773af74e91b7c93c71622e8799
-
SHA1
90f5c1b5b6ba9af1f5ba64b3af2d3de39768ff2b
-
SHA256
8b351813a76232261f57c358b055ad267b15bd1462fdcfc48781a615c2943a40
-
SHA512
e58099d53f2925be556fee4ba43d1e4a4ec61bab63eac7c9c9d1ad0962ed58ed8c79c7e34bf4c0d99a9f30b4fbdc5217c011ecaefe9a02b6115aeb45d01878e0
-
SSDEEP
12288:qO4rfItL8HG5Fw9jB39shuE9G8XMVOM7bWmeEVGL:qO4rQtGG5Fa3+hVjXAOMumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-07_493ea6773af74e91b7c93c71622e8799_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-07_493ea6773af74e91b7c93c71622e8799_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\38C3.tmp"C:\Users\Admin\AppData\Local\Temp\38C3.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-07_493ea6773af74e91b7c93c71622e8799_mafia.exe 08D8749EFE2705A32090AC7FBB357609A99D902B8FE6870D8F1E3ECD42F64DC274BADD8E68A3392903F1E3F13852F727CF7901E857CE342F28E6D6822796AE592⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD57fe4658312a31f6539906fd49ef3ad74
SHA17fa371893555e17b4ef6e6a9fe60b3246c5cc7c8
SHA2564101d19e3d949237b21c17cca2bf87074c892ef4cbdf8b0332f61cf6d83d9555
SHA512628bf022cf28fea2632cee32e3e69a6c4d4eaef3703c53ef9a34ad59d792fba141b4dca5c3ca8e78a1b0ca1ae43034a56cc8b7a501c77cbf19d564dac4fdad66