Analysis
-
max time kernel
93s -
max time network
122s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
19/03/2024, 14:47
General
-
Target
2024-03-19_bd021e7712fdda10661a8c360b550162_mafia.exe
-
Size
444KB
-
MD5
bd021e7712fdda10661a8c360b550162
-
SHA1
83e2174632599a0c84692ae0a36173a0869877b0
-
SHA256
b5efad50231bf7669d1105eb0b3bf7be34dc742402ba34a269ed3cd1bbea426f
-
SHA512
ea57805c5c52392b7bbd7d0eaeccf36cc3a9326fd9a59d34c72ff27ddde9d514fa9d36db02d6f78401aca481a0d6f59c2449f09b64b884dce394cf92cedf3372
-
SSDEEP
12288:Nb4bZudi79LYymkjumoih5nyZZguDPWV1uA:Nb4bcdkLnAOuz70
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-19_bd021e7712fdda10661a8c360b550162_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-19_bd021e7712fdda10661a8c360b550162_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\490F.tmp"C:\Users\Admin\AppData\Local\Temp\490F.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-19_bd021e7712fdda10661a8c360b550162_mafia.exe DBE26BBCD308271F825D787A7479B3814476A940FD2DDFD9413A5CF567135E17B772C00651C772C4150FABB7A855C8AFB35F8A9F54135A2879D4512052067C372⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD5f7406d04e640e03ac54969e9a2bbd31e
SHA15504b8a872d0b5717cd8604f08ee6d11c54c46c6
SHA256280b94e5ce0149e04f53ac72b0bf88e81193b1c5071216dd49a7e1bed11071a1
SHA5120f2dff63dba092d4a5e8a7d7c9e2be223aac07a59adbc41c0d681db9a9b4071f4cd8ec8ecbb628f9be4c91e3d798f51188d02da28a1062233f7056fdaeadcd5f