Analysis
-
max time kernel
147s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
11/03/2024, 17:25
General
-
Target
2024-03-11_21e6bacc61d45489ec6f7fe8bdbda902_mafia.exe
-
Size
443KB
-
MD5
21e6bacc61d45489ec6f7fe8bdbda902
-
SHA1
1d718d9e6bd9139f34f9672e43347a4787555040
-
SHA256
09b7382df70ee5a25b349c6598959e1745503cadfa29941c1c6694496fd38ba7
-
SHA512
a02b762d84c7952ee1c2d80f12fd7787a044c27aa09a4854e620f83ad945d618ee9507c500ab891beb75bd0423565cdf5d1cc8246b1e9f034b21d0fb3c54b216
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BYjF0JdT+LKIzKl8kCuV7PfLICiulMa:Wq4w/ekieZgU6kyCuxyah3lMa
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-11_21e6bacc61d45489ec6f7fe8bdbda902_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-11_21e6bacc61d45489ec6f7fe8bdbda902_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6C18.tmp"C:\Users\Admin\AppData\Local\Temp\6C18.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-11_21e6bacc61d45489ec6f7fe8bdbda902_mafia.exe 6801ABB3F7197A1845A740FC3B94DA320DBBCEE6B0A62105FCCF3EFB0E7E08E7ABFCBA8BFABE5E26AB0EEB70029E54910697C4768654588E5344A0435022F0F92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD5ea8031419b76d142fcb7620ecfaaec6f
SHA125aa4328a17ba6b9fcbe3ac2bd948652c850d3a2
SHA256f73cd6c7e99f3f8406df4483c8fd37c651a4e02937f4bbe7efb5e9bbe574d73a
SHA5122ebb02cc472ebcc79a9c35056119455a77a6b6f457bbda15a3b085cc2d5e0eb96b3900d2931486ef2ffba040cea7f0e8098f985fd86631ae7cd6504728ff0ec8