Analysis
-
max time kernel
173s -
max time network
172s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
14/03/2024, 21:40
General
-
Target
2024-03-14_ccaa1cd0702dae97af47ed17fa6cc1a8_mafia.exe
-
Size
433KB
-
MD5
ccaa1cd0702dae97af47ed17fa6cc1a8
-
SHA1
286437e83ee55a66fda97267414416cdf4e1ba83
-
SHA256
4d41df4ac94c71d1a17bfecc63ca66e94930eddb414400b7741cc221b34d4749
-
SHA512
6004b28358711f4f1af51b64870003a1ea0bccb28e2a67b265f8d46ff31af92d8405a34bead46aa3e91fad0618500e8a4d421b655adc3a05937c73ff80da1e1a
-
SSDEEP
12288:Ci4g+yU+0pAiv+aJQCuIsDTH1sIw+8uNuxCbeUovYn:Ci4gXn0pD+aODTH1sIXqwGvo
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-14_ccaa1cd0702dae97af47ed17fa6cc1a8_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-14_ccaa1cd0702dae97af47ed17fa6cc1a8_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1EBE.tmp"C:\Users\Admin\AppData\Local\Temp\1EBE.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-14_ccaa1cd0702dae97af47ed17fa6cc1a8_mafia.exe 6E530080C7E2862843C5D1C6550B04FF6DD59DA69ECC14A278B600EFD6E7277711ADCED82E100262914328A45D500162998E5123B35F2ABE98EFF81D375CD79D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5b002fec8a6bcc7563d5be3a30ece4e9a
SHA1d4039d3b72deb81a1a60636aa6df2574da88e1e4
SHA2567ee23af25fff9172328f7c953b0d56969fc4d1e870f655917b1882532f1192af
SHA512b7065e9b23e42f3c883cbdf757c03199e6f849dc18aeeb1ad066fc104f4fce2d701020cd3cbce4e6dfab2c3de5e2ef5cb8ba411a136ae6d99d723e8d796207c3