Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
18-03-2024 21:37
General
-
Target
2024-03-18_aed37bb2af4acf8546c536bc45f6c98a_mafia.exe
-
Size
476KB
-
MD5
aed37bb2af4acf8546c536bc45f6c98a
-
SHA1
953889f383ff1f13f7a2fe4d1f222a5bf50ed4f5
-
SHA256
fc7a6f707ba7dbeecd8bca691dfb3d512e368ab3450f16294d20254e83bfbaa1
-
SHA512
1e044bac9b984edb23ee87d287d15e0945270e3569f74919c1149097d9848cd53672a99087a5c7385c7968fe27fe8ea0b966cdfa9b88ddd853529b37bff49b42
-
SSDEEP
12288:aO4rfItL8HRbbJWI4gOeTUtML6vhln2aL7K9wlsDpVFd:aO4rQtGRxWjgOnMqlV+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-18_aed37bb2af4acf8546c536bc45f6c98a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-18_aed37bb2af4acf8546c536bc45f6c98a_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\57B5.tmp"C:\Users\Admin\AppData\Local\Temp\57B5.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-18_aed37bb2af4acf8546c536bc45f6c98a_mafia.exe E77774D71FDDA650108A673BB7129319EEE27F2657B4E32D5DD8FC3BFD5A7700ABE07C183C9E77AFC2C1B2DD114358B2AD8F36262A6E3321B058B1C0B9B191F82⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD51eec656c64f0114557d5a158a180796b
SHA1c3a305387492960f88acad198a2902eaefd21809
SHA256f973292c15de2600083002da3d352b1755bed3b7893046b0a30bf5f00625e92f
SHA51238a2bba6f1b31ef5b459856920b8431352d67cae805af8aec99c64205608968f1f65ac959dbee5fac31e14b24bb49a742300285900465daabb7eb7218be8e9b3