Analysis
-
max time kernel
150s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
10-03-2024 03:42
General
-
Target
2024-03-10_cfd96fe7547cbe43cb4c4b53cea8fb2e_mafia.exe
-
Size
444KB
-
MD5
cfd96fe7547cbe43cb4c4b53cea8fb2e
-
SHA1
9c475897629bd1b8e862eac597e0fbf9b87fd28f
-
SHA256
f5a2eb72f4e9a107bd33b7cb7c550e2244bba020f15d447f7c658203ae513b17
-
SHA512
c9e8951a12612bf2d383e4764250195f5d230550c0f683211940831d9ee88c60de80d349aed83d6d6d5603cc08516b8119fb13b19c78bc8feec36bebf9ea10dc
-
SSDEEP
12288:Nb4bZudi79LATYXbF3trcmeJe7wY66oJbfsbu27/A:Nb4bcdkLUYXboZJex668gbh7
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-10_cfd96fe7547cbe43cb4c4b53cea8fb2e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-10_cfd96fe7547cbe43cb4c4b53cea8fb2e_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\688D.tmp"C:\Users\Admin\AppData\Local\Temp\688D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-10_cfd96fe7547cbe43cb4c4b53cea8fb2e_mafia.exe 2D8BE64F6B933F11919553FC2143FC08A99233B7263070C8064DC86FA20D406FECA92AB0FBE046A113428776A1E4FE67BB1B455FA9A7B444A02B9A86F2A0E4A82⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD5312f96e28db0e4bac1cc1a5cf88a19d0
SHA1c69efff6e2f33b57c041d63b8c593a7d313b5f26
SHA2562522756b7c8a2eed06748ad38e5bc47a9c3712426092707968a0bd57a2728447
SHA5123ca9531650cdcb2ff8f776d290c37ef8d40d0c4042608be06149885dae0ca3fc74ac286c7ac81f040dcbe6ed26d049f2d1905bdad6e2b523c8a7084535e0e6c2