Analysis
-
max time kernel
150s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
09/03/2024, 14:28
General
-
Target
2024-03-09_303976599dfa91ce8dc5d9fe20560366_mafia.exe
-
Size
476KB
-
MD5
303976599dfa91ce8dc5d9fe20560366
-
SHA1
98b070f78ff4e9796700fba52819473f05cf629d
-
SHA256
c01374b29a3a4cbf2585335cf946a15c63a7a9dec70b5607833c965ffc125ba7
-
SHA512
bb6e2ce1be6f9e6d8f085f580f8abfae8ad469d84d0637874032c976531a50cd4fbc3de6f473c93d8334a840c5d9d6ad6b572c96914af9dce3466473fd00ab2d
-
SSDEEP
12288:aO4rfItL8HRYhnMZWZZLhb7R6i7rrLFOTuYdP7K9wlsDpVFd:aO4rQtGRYhnMQZ/b9R7v5OTuGP+9wlsL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-09_303976599dfa91ce8dc5d9fe20560366_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-09_303976599dfa91ce8dc5d9fe20560366_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5C1A.tmp"C:\Users\Admin\AppData\Local\Temp\5C1A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-09_303976599dfa91ce8dc5d9fe20560366_mafia.exe 5A1C11350513B7468254809319A820BF2FBD8838F072FA36BC4F0C40AD23BFFD42E889FB98E7716DD1B28C9095008DC6E63D46FDC3E1D79A8B33797302720AFF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5c8b496bd4fb463c096590f35d9a44f34
SHA136ba05541b1c419852b58870e38d7c3b990cdaf8
SHA2562a191cd1fc352ddfffaac9aaed1fa91730c4b435220a021372d5f1aafa8381d3
SHA512fe4467da8e975bde15e7a373b6f8e9abeca8e5a93f5b2a882c04860989dacaca4068f8143b30be45a4564cfba7bebcd225acd6b4cade466c828f5363ebdccdec