Analysis
-
max time kernel
140s -
max time network
137s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
15-03-2024 13:52
General
-
Target
2024-03-15_95d91a9b899c09bcde29df565d009591_mafia.exe
-
Size
443KB
-
MD5
95d91a9b899c09bcde29df565d009591
-
SHA1
3db5b90547bbee074f035c73e43a2e121ca294e8
-
SHA256
856e372d43e0a3dcf25d9adf177422bb80079397610ed9c1134be8344c0d93a8
-
SHA512
cb01571f38ee47c604cfe11445967f5ff515453a925add58f5b3b4d51e44b4633fdcc63c432fe71440ee05886cc695f0abe36c4fc3f1851471b410f63d41e68d
-
SSDEEP
12288:Wq4w/ekieZgU645aHnp2bCUjqMVw6/w+lMa:Wq4w/ekieH6uaHnpxUtC6//P
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-15_95d91a9b899c09bcde29df565d009591_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-15_95d91a9b899c09bcde29df565d009591_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2ED0.tmp"C:\Users\Admin\AppData\Local\Temp\2ED0.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-15_95d91a9b899c09bcde29df565d009591_mafia.exe EFBC5000DF53319DAA3EC7AA1C2A6AEB28F66B38A0A46B325325284F59337E32D39E6C86430E7663F2FAEE4ED6B3BDC852DDCC47E57AF6F3B36C429F0E3331622⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD54e658e6ad9b47c9c80230b818f5adb0d
SHA187fe864e5df7ca221711f5d6034133ba976f2dbf
SHA256165e22eed274447f56cc84ea662db2534d561e8e9a71ea200b80b3ea32d78bea
SHA512f4e268160306cb3a17306ba9871d4511430c1ddc29a4d49d9464f80545fe487831c0647dff8105ba39704ac5b433303ee4435b057f8310dc52098d90e2a1f297