Analysis
-
max time kernel
149s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
16-03-2024 07:54
General
-
Target
2024-03-16_cc2ca39ab6e38dd66ea3c9d18b162866_mafia.exe
-
Size
473KB
-
MD5
cc2ca39ab6e38dd66ea3c9d18b162866
-
SHA1
7c7730c839f293534b3ef927e0f39478376bba38
-
SHA256
c5d26e61a54b753f49f46ac3344867b3a01320e43f55dea3f87ca97e7ad3a171
-
SHA512
81a881d9e23b9251a13b74a2ca4bd72706db2fb4fe77f6b327ac05b36f748355375c05b3f00022ff84544818fadcd3fc8b81ed4bdb47c8bd7cb9954866b37a44
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStkjHB0g2ZTM+fzi2StZ5rhYvXWoG9cD1k/e0:Nb4bZudi79LP92ZqnrkWmZCmucA0a
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-16_cc2ca39ab6e38dd66ea3c9d18b162866_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-16_cc2ca39ab6e38dd66ea3c9d18b162866_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\37C9.tmp"C:\Users\Admin\AppData\Local\Temp\37C9.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-16_cc2ca39ab6e38dd66ea3c9d18b162866_mafia.exe 00F16B1F7C98787386A6A6AF910005E85C48BA84504EF09990FD086DD4B03C797A610F8599B3E40E96F749321B26FF2E6BEB9EFB0E0E6787406EECEED0D9DA872⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD51ef374c51f1b9e571b2d66b57e1cc30e
SHA1cac0a35a20740180ac58b086572a1832bb65f794
SHA2565536e8b737544b06f9b3c92f79e2bb68bd0ddc7522b47a7dff48bab31c57b579
SHA512affae54f3fe462e3c32f7569017c9b7a6d265932749391f609940cbd2a8f08ed8e6e6c9e2582d8868fb67f3f69b68c5c73382e077cc734df8f6cd3f1d5842428