Analysis
-
max time kernel
141s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
15-03-2024 10:06
General
-
Target
2024-03-15_fe796a27b028a391f6273a940dabd53b_mafia.exe
-
Size
428KB
-
MD5
fe796a27b028a391f6273a940dabd53b
-
SHA1
fbf058750f574748600e1ae789e51cca772f3031
-
SHA256
41674d2d35e277052d8a715fbf6679bf248391302ae348ff650ee58c44578b06
-
SHA512
407a3652cc51c477f0f15c640540e76e71c80e22e0e52ea1167090daf1c3d4f7f19f2ade2e139c8e244fbb7d72589632795facc83988d528df4a8177b990c973
-
SSDEEP
12288:Z594+AcL4tBekiuKzErfZH6ASp/IcP5c/AF9Ig6FcPY5l:BL4tBekiuVrBtq+g6mA5
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-15_fe796a27b028a391f6273a940dabd53b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-15_fe796a27b028a391f6273a940dabd53b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\35D5.tmp"C:\Users\Admin\AppData\Local\Temp\35D5.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-15_fe796a27b028a391f6273a940dabd53b_mafia.exe 39AEF6D60F58D257D298E9D2BB650AECDE5E4533CC39ED7F545B7F30D3D602CB1E5441EFC1AE2E5CA9CE174B4C81EDB977B3CDFFB9F6E3744F7FDFB56E732FE32⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5d745017033c3cc4c04d0aa969487e0ef
SHA13ff6c26007ca3ea01bca5133f44641c0a6c21cef
SHA25619ad53832a009b40c69503dc94e41fe76ccef4ccf8037532904e452768853f47
SHA51287e06970da5f410cab0161f0065011f6a2dd6211102c6910cf87a2cf889592593081d3ba3a31ae9f2ae961f76b8614549ec6b374b1cd9c8f8c71124d00ff9408