Analysis
-
max time kernel
146s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
08/03/2024, 02:24
General
-
Target
2024-03-08_03ef70b9eaca30b1f3654f9bbf096e22_mafia.exe
-
Size
433KB
-
MD5
03ef70b9eaca30b1f3654f9bbf096e22
-
SHA1
cc40eef49058e1917823aa9ee1b0132c2213c691
-
SHA256
ce5d7524db972934536b93b045c09ff3ccbc417efff594dc2bfe2c145fefc6ee
-
SHA512
a0e7ad33b27259d44f3df41bf0546d89e685bc3373317922dea87deefe993b66b975c0fb186b60f0cba91f99004d87151b7ee9f6e70a1193cb15d986014237fd
-
SSDEEP
12288:Ci4g+yU+0pAiv+8P1TUmUJqx+1TFbLe6Lo5tNU0n:Ci4gXn0pD+8xUmUJqsbbcX
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-08_03ef70b9eaca30b1f3654f9bbf096e22_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-08_03ef70b9eaca30b1f3654f9bbf096e22_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\BAD4.tmp"C:\Users\Admin\AppData\Local\Temp\BAD4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-08_03ef70b9eaca30b1f3654f9bbf096e22_mafia.exe 0867F34DE6DE3BDD9A1891187196F0A507613C63109020A23AA44DE8C6C51FE795A4293E5AF2E303AE875F4A24DC7A7C3CCD48738B964478A551C9076F02342B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD59c82769b82cb804c1d12b8e935cb9552
SHA1938240978c66de44fba2b924c056ed8d297dc7cd
SHA2567cd8e50ae4845d6adc65957f3a175a7756f7fae5be84a2da84184fd7c13326a1
SHA512bd185fe24494925ef6b34dffd615e559c371604dd6135e77af3bc0a2c3993a37c70a41b8649e1f27f38a9daa946beac2765dabc9e05a32f49c080bdc75483331