Analysis
-
max time kernel
94s -
max time network
122s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
11/03/2024, 17:33
General
-
Target
2024-03-11_9b11918977cf44d6d92945a44c478f27_mafia.exe
-
Size
468KB
-
MD5
9b11918977cf44d6d92945a44c478f27
-
SHA1
b378759f5258e7b3021624309fe0ae6f1aad9d41
-
SHA256
0da38ed41b14ffd3ec6f0b1003db6762e2730d89975b022f969def6741f5a262
-
SHA512
dd0ce7e5aba68519ed243245b71eae5520f28d28c12fd3e3ad829c5cd3663f3e7f497d118c053f002dadca25471978487770426ce4ec211df6681b6be8517366
-
SSDEEP
12288:qO4rfItL8HGpeo0fp/jSJEw8Ez6fi3MRe3l7bWmeEVGL:qO4rQtGGp0BjSJDWcMRwlumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-11_9b11918977cf44d6d92945a44c478f27_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-11_9b11918977cf44d6d92945a44c478f27_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\45E2.tmp"C:\Users\Admin\AppData\Local\Temp\45E2.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-11_9b11918977cf44d6d92945a44c478f27_mafia.exe 4BCF1E3886077270458D8E0411B088D59914D43757BB46197F2004C19F14B823C85F6320ACD1721EC9713FC5C0F021C75879406BC3AC039E2CF5A6B351AE7D2D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD51c9317f60b934b84fd505f6067e35fc2
SHA1cd268bfc47be2767919fac7fe0a9b8315f5f6add
SHA25673be10c128c4baee3489b8517ee4dd1544180b44180916a10eb4717af8a58816
SHA512234868c9f4a2ff4d99630772f04a93e39505e8e7d5a7c2fb8b45a005a88ee01b2d90110d1144210983bdf4d4ce6bafc676a83001333a2912ce38d81d6b92413c