Analysis
-
max time kernel
147s -
max time network
162s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
14/03/2024, 08:27
General
-
Target
2024-03-14_18b5fad2b2cc6a12a864c8f3d4c19398_mafia.exe
-
Size
479KB
-
MD5
18b5fad2b2cc6a12a864c8f3d4c19398
-
SHA1
60f95c5b7d5548bd710cfce2cac81c46643e0a19
-
SHA256
daa9857698bcb019036a952693c26fb5539638bda5feb729ea79bddce3102e77
-
SHA512
462b243ce6f5b621812134a08c91a018b70a7d2b6f0f964ddf0c2b290f178f7ce48c4ec408bc45449b52e5f57063b9920a9a685244e58ee0dffbd8d800f87e3f
-
SSDEEP
6144:b9EyS4oMxIkjxcWqHtg88HARRAtgmZnjnfoMZ4uqQJgqfbwH9v/e4IL6v75UNY:bO4rfItL8HA4jAMGuPGoyXoLs75UO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-14_18b5fad2b2cc6a12a864c8f3d4c19398_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-14_18b5fad2b2cc6a12a864c8f3d4c19398_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\660D.tmp"C:\Users\Admin\AppData\Local\Temp\660D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-14_18b5fad2b2cc6a12a864c8f3d4c19398_mafia.exe D73B03438FA9F19EFECA727E3B34E42CE9BD21BB10B57D52C7558C6DAD66FB38BCD9BB0AB7E6F5EDBF2733F3D45BBB614C7673C34B1AB725796D60AB67F37DB22⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD571016f48b9c60b365641108bfa093f3e
SHA1c0eb8ca21b7a2497aefdf198ff338eeed960fa07
SHA256d1ecc0039d1477a62e90f07777475742369da075caa06bafa084417511cc19b3
SHA5127ef244b8aa6ca24e2d350c18b040b15655bdf0c80377da2cee4dc2a64bf67f120b8e257e5309294d1de5199e0998446a8f229265e8cf1c097d58828ba0f3942f