Analysis
-
max time kernel
92s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
19/03/2024, 06:36
General
-
Target
2024-03-19_d3001a894191ebe0841b4014a3f1d66d_mafia.exe
-
Size
428KB
-
MD5
d3001a894191ebe0841b4014a3f1d66d
-
SHA1
0aefaa3bf0e543350e6eed7ad12d626ba13dad1e
-
SHA256
237f38bebdece5ab2261e0d597057b8311d8c7fc074ebf76fa437747e25aad2e
-
SHA512
92568a12d11a05ffe76f453629687539d1b7608bdc18bb60d45a5b993d8cbbac343bd144cad9dbaa92509ac404f77020d58981dace90ad40c38c2f1ebcc5f2db
-
SSDEEP
12288:Z594+AcL4tBekiuKzEr9dS4Kkooz957p99UxyCco805KoE3zl:BL4tBekiuVrogjVnD
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-19_d3001a894191ebe0841b4014a3f1d66d_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-19_d3001a894191ebe0841b4014a3f1d66d_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5360.tmp"C:\Users\Admin\AppData\Local\Temp\5360.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-19_d3001a894191ebe0841b4014a3f1d66d_mafia.exe ADAF88AEFD1421B1CA4A1F312CEFADA3152644961396D23C952E3465B0F23906EAC2B88411F3D1879BCF4E3CF0277E0527A0347529F54B53B43BA95D250AA5212⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD551d7a5cd661471108d038ec5f7e78fb3
SHA1f891ec4ffa07bdd9820c8c50bbe4a37af8b37d04
SHA256c170b88283b47f80f2e6a269567628f502be7bff3b52fffb667eb0e574f2febe
SHA512b85b108f67e6a9f5591c8bac0ab50487bccf759db8b8ed0a1f0e432e61562df941230db5b862aa16c84aeab5901757f82433dabbc67da2ae0ce765246e0912c4