Analysis
-
max time kernel
165s -
max time network
173s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
15/03/2024, 15:22
General
-
Target
2024-03-15_06d6243c65da16ce8b81d5786eaebf15_mafia.exe
-
Size
479KB
-
MD5
06d6243c65da16ce8b81d5786eaebf15
-
SHA1
71547c55a5bfc6311e06cdfd8b4bb29a794c7f30
-
SHA256
f7d77a31a36e152ee29d90539b06b49a2182483d0b01da457a4986f9f47b9a0a
-
SHA512
083390c55a5c2576c7ef7e1eaaec07d244dbaefec8176f812e213b7c2cf11f7de9e681b4403ac9da951c3fcad1abe5d2db52a2ad42e15bb6b7b65affdae8d9e7
-
SSDEEP
12288:bO4rfItL8HAaq1B+/Gd3CiyFI6qSFHNJtg5gaQt75UO:bO4rQtGAP2/m3CiAxqyt7g5PQtVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-15_06d6243c65da16ce8b81d5786eaebf15_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-15_06d6243c65da16ce8b81d5786eaebf15_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\AA69.tmp"C:\Users\Admin\AppData\Local\Temp\AA69.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-15_06d6243c65da16ce8b81d5786eaebf15_mafia.exe C514739AA8AD502CB687EC06AFDD7C3BEB2822BEEC55C7BFF39EDD0E68D2655C4B0BF076A7D91EABDEF7983E49526917E7B4E0036D8DA86EE1863A2626D992032⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD54482b8eb40bdbcf40338f25966d73034
SHA1d67fc5e603fb1a211b31ad1351a3f4ec3b6a1705
SHA2569eec0615df5a14f147fa44e00ad625c726fdae0d6e95a6f8fa19686ca1fafb12
SHA5126ad6c3918534ec0fb6178c467415721ed52cda4722565bd1d6dd773430d2d4586f8e72d9aacca9fb8747e8f0e0e297fa9af3bb2fe3a9be22891abb02e11cf9b4