Analysis
-
max time kernel
136s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
12/03/2024, 21:35
General
-
Target
2024-03-12_9b87a012a6e06773f370dcda0dd75d44_mafia.exe
-
Size
433KB
-
MD5
9b87a012a6e06773f370dcda0dd75d44
-
SHA1
37cb16d43176fba438e0ffa61f16af3d4d7f5260
-
SHA256
cc3c131639fc027b1314a22194d3a9f027ca47bddf16d5348565d5c5d679b673
-
SHA512
78b8f6b4327ee1d04d3f929f12c5f89072b6c2b9107669ad68b8c16268b0a0f9b20162d27188f1cffb7f66b7b1e3350acf116283e51fbc57332a2935b96a1aa6
-
SSDEEP
12288:Ci4g+yU+0pAiv+arKII7UAhl/3eHw155n:Ci4gXn0pD+ZIIgAHt1n
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-12_9b87a012a6e06773f370dcda0dd75d44_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-12_9b87a012a6e06773f370dcda0dd75d44_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3028.tmp"C:\Users\Admin\AppData\Local\Temp\3028.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-12_9b87a012a6e06773f370dcda0dd75d44_mafia.exe 5C3FE94CA0EBC038CC4335C4090E796FF4CE7034F15CF2AC17BA03D3802A0DEBAE614AD807FA66475B81C3C9ED3F2A152B023AF247CC28438DFDAF7FE394A49B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD56b92a1349375933ed5674ce2d509f049
SHA1c371f46b227cbe3f375743b8b1f9d297ed3fe035
SHA25601f87f3fc145ce97cfa5f7e2e1c30e1720d43b7e89ab7f5a5ce61b5009b33470
SHA5126d4af7083e973e666fc1193b5c3314bb14ba9636cef583545108326bbd304015604bda6035ab249da5d98fdbcb4c7875e323a4b5067780a5a0e6ec6b376a66b2