Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
08-03-2024 03:03
General
-
Target
2024-03-08_c1a5ed45841f952ad1ba06dccf712972_mafia.exe
-
Size
476KB
-
MD5
c1a5ed45841f952ad1ba06dccf712972
-
SHA1
fcde8ca060fbc394853ee9dc626faac1e87fb329
-
SHA256
672d53aac0e65a7fe5b5211ee639b658d7dec4cd0005a199acd9c1d36413a07d
-
SHA512
fb327dee1c7346a130f9ac3e780db704290311d38bb51441074b18eb22e9d2a66169edc231873c2431cf347259e32dff35c11fd9eb02e4999399652c8416db7a
-
SSDEEP
12288:aO4rfItL8HRdbm7CGAF9blmbSSOchS+W7K9wlsDpVFd:aO4rQtGRdbCCGAF9A3OcNW+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-08_c1a5ed45841f952ad1ba06dccf712972_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-08_c1a5ed45841f952ad1ba06dccf712972_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\318F.tmp"C:\Users\Admin\AppData\Local\Temp\318F.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-08_c1a5ed45841f952ad1ba06dccf712972_mafia.exe F703C264A448E3B5AD5C1E25576F1F3B3A8C613CCD4EF8575DE66C79A095F3C0F83C41C2D7A799C09838BBDC30EF6E7BC60D71B526FCB61E337DF5EF30810FB52⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD55e11250ab4eef4d73e509b7b5dbbf4e0
SHA1b861cc5b96fc8c93aa83064469c63112e0c96d4a
SHA256fc40f90cb4ed5c6857869c9f1227657bb8570153c44e35eb6b167928326f8e70
SHA5123f971411c66823a5a018d5c9202140f9e32cd253958ff1cc1a7e6f157c98d7e09b9c4a8e6484cf82a998b5ab310c646e7b3ecdd1ccd3a3430047e2f44d10657c