Analysis
-
max time kernel
156s -
max time network
163s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
13-03-2024 01:43
General
-
Target
2024-03-13_54957fb3683375b615d52e9e8e5dac6f_mafia.exe
-
Size
476KB
-
MD5
54957fb3683375b615d52e9e8e5dac6f
-
SHA1
8f62c76e28f856d5b21ecaa8a9a95b8db56ea0a4
-
SHA256
04b5df1c0b9a7f798e64b0e1bf74b90975ce4a5219f566d7cb66b3527744f56d
-
SHA512
e9b135df105f39fb7af460848e3dd01686384dc4402770480c7de353681be835b319c8df9b19fe016af87e2e30e0da0b41097183cc56b4aabd4c25e8b8dd4d47
-
SSDEEP
12288:aO4rfItL8HRVEu6avwlpBrmbjKGYYB7K9wlsDpVFd:aO4rQtGRqp69f+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-13_54957fb3683375b615d52e9e8e5dac6f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-13_54957fb3683375b615d52e9e8e5dac6f_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\8F5F.tmp"C:\Users\Admin\AppData\Local\Temp\8F5F.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-13_54957fb3683375b615d52e9e8e5dac6f_mafia.exe AE6623D999ADCA04122D58C8A9B77A070CC20A3CE906DB0F2E95C604FCB5361AF508A63DE26103433476F184246C1862D4B56171BAC44F2ABEFF3DF180A687C42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD56b882b5495c6c9c03af6b8b16ca7d79f
SHA18e2f6adf31d20b0afd71666024a0c4cc3eb4140f
SHA256182cd51ba6ef19e80005b6a44aa684a630b7dc8effc8ccae9c197f7f993dd105
SHA51253e4eda1a7d5d8b7ec2f59e457553880fd628f634007524cc559f82daa2c8aa4ef74b027173d375bb9f66f44ee4185250cb74f7e468276dd31b10f53a2c46f9a