Analysis
-
max time kernel
146s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
11-03-2024 18:30
General
-
Target
2024-03-11_2fd3056fdc181be25c5fcec24443c68b_mafia.exe
-
Size
435KB
-
MD5
2fd3056fdc181be25c5fcec24443c68b
-
SHA1
2a29a56ea61d202aee1713ec7b02131287426318
-
SHA256
9621dadfcc695aa51ead206cf0b226c7015d776d175c61497750567c4ed9e523
-
SHA512
9dfb985dc3d1b543c93f91513fc4e9863a65953d8f4366fd1d2ccafa16499a41b22194a13c7b0ad5152bdfb45498e6f8f4716ae0350ffa38286f01c135316761
-
SSDEEP
6144:98Xyq4o4aRCTuuqepiq+zQ1mBYBub3i9yqAa3gjfizVd3t22/T2+6t2TYK8OzqVX:9W4ufepiqKQ1mquaUI5t12m8OzqGFJ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-11_2fd3056fdc181be25c5fcec24443c68b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-11_2fd3056fdc181be25c5fcec24443c68b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\440E.tmp"C:\Users\Admin\AppData\Local\Temp\440E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-11_2fd3056fdc181be25c5fcec24443c68b_mafia.exe 5FAF90AB3408602F96140638D8AA7588FB6928D402A69591ADFCA8F3B0FE0F67200687375249756F307A81337F155FB14F7E0E71A9C6E887A6892221103AE3AE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD5c7ec0e48b2e0ec0175c7089c95160c2c
SHA11d9fc0e3d1c5f4c74f5e5da6e4ab390059e78827
SHA2568c490c6665b5e0bd5d732e649dec091090a138c87c3f08095743145ad3bbacae
SHA512c270eb5700a48c32aa1469b2ac12b1390288b54fe6b7dd8949309a472d1120412f185a15dbc698034487dc8070c290c07352fea292879a5ff1953a0861de8e12