Analysis
-
max time kernel
114s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12/03/2024, 17:28
General
-
Target
2024-03-12_288c785dd661fe1a3eadc3c363a3c8e9_mafia.exe
-
Size
433KB
-
MD5
288c785dd661fe1a3eadc3c363a3c8e9
-
SHA1
5eb37358ff108e8e8b0e94643874172ec40d711b
-
SHA256
e66bd5f061279a93b6cbd9f35548b18e93b2fa0d51afa386b705684853a9cf28
-
SHA512
047b46761623b0d49bf7cfd6afd51b0b2786ac33fb5de6f032fad20289a976f7404ce3d8d6955c5864be1342edf0d244e9b78bf17dd21aa377580889b65fd77e
-
SSDEEP
12288:Ci4g+yU+0pAiv+gsRX2Caijkb91KJYrZC8fZkqPeJn:Ci4gXn0pD+gsYCaCo9RZC8fZK
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-12_288c785dd661fe1a3eadc3c363a3c8e9_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-12_288c785dd661fe1a3eadc3c363a3c8e9_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3DA5.tmp"C:\Users\Admin\AppData\Local\Temp\3DA5.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-12_288c785dd661fe1a3eadc3c363a3c8e9_mafia.exe 9BD550DB760A40AD7EA40E37CD2F69F139719C609E30508836856388827600FD4F12B729F7D9369C7A0668A9C5591EDEC4516F58B8BFD55D61FCC99979CFA4022⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD58244d61c832925068018cf5af50c77c0
SHA1662dd99527f3ca31b2c6d61334fbd00f764fd477
SHA2563dc7642c5b23d070b88f48c800c66e3ed76b3f3130e68495650798303af45d88
SHA512f23afe1bf50408b2c50b33d5277740e4eb423eb5a4ee0b2f735a78ce122f27a4ecab64a14547dbc4bf25563fc8a181ed68c87428f0042ca429d5bb6a2cc0d6ad