Analysis
-
max time kernel
148s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
10/03/2024, 16:31
General
-
Target
2024-03-10_940a54e7ff496724a101c100ce247655_mafia.exe
-
Size
443KB
-
MD5
940a54e7ff496724a101c100ce247655
-
SHA1
664d0078a1db22ae2de974eff54ede3ed943a4b8
-
SHA256
a3edd325ad81c3f8b7bc6f9d07484f0fa88dcccc17ae58fdf06da9bee4e73702
-
SHA512
5eea01b9df532048451c96d988bdf31ec2e9f3caad0a9b839efe56a4891ab7aa73bc5bf43a23699befe707d11b3f2d2192518536da50aa478c5c877583e5b75c
-
SSDEEP
12288:Wq4w/ekieZgU6ei/cXqETZcq9xXb0/jlMa:Wq4w/ekieH6eBqEFt92/jP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-10_940a54e7ff496724a101c100ce247655_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-10_940a54e7ff496724a101c100ce247655_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6292.tmp"C:\Users\Admin\AppData\Local\Temp\6292.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-10_940a54e7ff496724a101c100ce247655_mafia.exe F6AC704BBDFA2C27C549493D2B2089EF6C3E5086FC0064BB97BD4C4A41DD8B8D519E173B33A1BA4EC096A8773A964BEE8FA77E683AD2F987D31E83EC4ACB29572⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD51a5fba59e6f19adf6904e512f647c344
SHA1276ac57b3fd1b76ec505a4b06940a2479681dcb3
SHA25662e3ad6dfb627956ab19a481affe1d674153b306c152725bda5abc29d653943d
SHA51284dd90f93fe268a3b93eef8ab31579c81b5e429614ac2108265d1dd0626ab662d0d30fe3eba3f7e20c47f073639a8aefd919503b3a514c22214b3563231b042a