Analysis
-
max time kernel
92s -
max time network
122s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
15/03/2024, 21:46
General
-
Target
2024-03-15_f8c96001a9ec045a02d5345fff37ef07_mafia.exe
-
Size
435KB
-
MD5
f8c96001a9ec045a02d5345fff37ef07
-
SHA1
5b2fd01f5b4176a9a554b23aae5ca4f420901c61
-
SHA256
a3d8f8191a89f02e80c26f57d6a8bd4056c359579c1f90fe332b3485b9c696a5
-
SHA512
6f99e08abe7aa85c78aa2657f86b79b6b99f7d283f76b07f6c15502974e0b0916c260597c9c90e5e7c54e0f64cedb6c0a6c8947eaccec3b0fba57a5a02958fdc
-
SSDEEP
12288:4j4pdePiuVZPLHYHGoI40MQJYecIX1LF+8:4j4pdePiufL4HI40MUYexXXX
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-15_f8c96001a9ec045a02d5345fff37ef07_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-15_f8c96001a9ec045a02d5345fff37ef07_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4621.tmp"C:\Users\Admin\AppData\Local\Temp\4621.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-15_f8c96001a9ec045a02d5345fff37ef07_mafia.exe 30477D2D2D63609699ED9F59ADF107D89653C4A26732CC5DD7214AD386C9A6517E73B1CEC6B33B2DF18E7297BB2B6EBE9BDA055B42F8E4FB2C03CD6A190119602⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD5934c008dbc3674d24dd42f836ba08192
SHA156d5095bd99c44c0800413797664707963beb822
SHA2569dd94d50e613fa6af82ec341483296699b69689a037d6da0c5a5c3fa8767c009
SHA512f5cf8e9345aa28bf7898ace68dd804380e8d5534dab6629b781e58a43c31a2c10021c50ee07207572b7099348c5f86f0b7aa489895ac5f6f95f5bb05a3402fd9