Analysis
-
max time kernel
151s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
14/03/2024, 15:49
General
-
Target
2024-03-14_b9a775f5ac5fceb342faf561ca28615d_mafia.exe
-
Size
486KB
-
MD5
b9a775f5ac5fceb342faf561ca28615d
-
SHA1
2e07aecde54eb967a45aaf739213416888335a72
-
SHA256
faef3395c9c71c5d925528adcfe12677cebb6b91b53eae482f8db24d7ccead7f
-
SHA512
c1d3e71f499826b891d2a0f8cae4a2c77db0d40a4805e55511a890e3007cd5ae66a51e0540bc0413be155e6c5f8565fd94324a796238301071ff3cc33456ed2b
-
SSDEEP
12288:3O4rfItL8HPKXIgZo4jrEbAEzeKSsB00oRoF7rKxUYXhW:3O4rQtGPKJTkbA49SsB0nE3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-14_b9a775f5ac5fceb342faf561ca28615d_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-14_b9a775f5ac5fceb342faf561ca28615d_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\690A.tmp"C:\Users\Admin\AppData\Local\Temp\690A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-14_b9a775f5ac5fceb342faf561ca28615d_mafia.exe 5E6682801E6A8933CA21DAF0B4E779031FFF190B8ED0D07ACAF22653B79964372B5F9C8A5D08C85534D665A9272350C5B19ED8D561C412F3D01D4A886C30BF972⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD59f8fc9083fd9729732e2c6cc25c2f134
SHA15928f1a6adc677ded31dacdae56d29671b6cbd8f
SHA256dd6c8a20c1f170972904d5793f4eb4bf8c4e5e975ddceae07889ff1c0ce04113
SHA5120f0cd2f33a22677e4ff61576c21cb5994ac10ceb75ec79bb4fe840c090243508cdb7eb080c7b2f149dc9c1399e39e109d26dcb207bffafd65c668a4de13062cc