Analysis
-
max time kernel
123s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
19/03/2024, 00:46
General
-
Target
2024-03-19_6a74ae1cc446ec84682f982dbd3432fa_mafia.exe
-
Size
428KB
-
MD5
6a74ae1cc446ec84682f982dbd3432fa
-
SHA1
595066556604a1acc58ec78a54868c0c9272d6bd
-
SHA256
327482c1b8e47c094fdf8754fe2dca628b7f51330041c2ffc5d3a22dbae3d26f
-
SHA512
f8ec9135176808e778f00af1f5ee6f77668c4336cd67c5dd78c684ec63640437c4c838e24f979c2158d70729bbd19b3ca2fe5feba7d40ed48ece230f3b8b86f2
-
SSDEEP
12288:Z594+AcL4tBekiuKzErh/SQCDvDYhjsDn09l:BL4tBekiuVrh/gDvDAU4
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-19_6a74ae1cc446ec84682f982dbd3432fa_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-19_6a74ae1cc446ec84682f982dbd3432fa_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6D9E.tmp"C:\Users\Admin\AppData\Local\Temp\6D9E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-19_6a74ae1cc446ec84682f982dbd3432fa_mafia.exe B3458B70731C31E8155D8A714490A77265BA221B9D7000868D67D597565EF039C68AB96FE2EA7DF4D65F91AF0395F8F2331BE18E94CAD1325294BCD86D5B5C5F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5a4cc589b472c8f115ec68ff181c3a3b8
SHA1f902849fc3691a05b684cdb418dd49fc5819cbbf
SHA256b913fd31aa468e9d0ed8e12e68b7e87c15bc62d50a7f59613aebd7a32c3f5192
SHA512f5fd9644440301433ab1c18d40ac9e8fb795fd5705f84123103beb9ab42588578cc72f9b166d8cd329098af813b5ecbe8c25ac10d83b3be954b6be3f609655f6