Analysis
-
max time kernel
148s -
max time network
159s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
19/03/2024, 21:25
General
-
Target
2024-03-19_1d2490e11c4b817594c00661923e28b0_mafia.exe
-
Size
479KB
-
MD5
1d2490e11c4b817594c00661923e28b0
-
SHA1
931bb71e846f6a4cc9b5730db7cb35f4cf45d51a
-
SHA256
3a03ccb60c359883deaf16a2048a714440a1f9b68723094e6901a23395662abd
-
SHA512
fc9ebbf43f4e8704c090bf1f425f3f97cff77d74f023fc52fd623c957b50f86e87afef85d4f172ba82060751bf625ec0f71a2faa418280ebd64b4da59590bade
-
SSDEEP
12288:bO4rfItL8HAXs9Gdh1f3sKXTDYNNf9g75UO:bO4rQtGAc9Gdh1UKXT+d9gVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-19_1d2490e11c4b817594c00661923e28b0_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-19_1d2490e11c4b817594c00661923e28b0_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7995.tmp"C:\Users\Admin\AppData\Local\Temp\7995.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-19_1d2490e11c4b817594c00661923e28b0_mafia.exe 9A86B74BDBB8478AE2D9BB534EDA2DAFF64DE369326870E9FB245A5E064DE69C6A7BE228C9F612237B778C1F3C2650870531D0DF1875A8712AE1E945A9BB176D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5a450da5bac9e2b7b3cf89c4fa2a6c039
SHA1fe0306775a965139e8650451e31cdb98f1720926
SHA2561fbf4fd273da0080b110db8c95d139c29f70a84002f38b72484e7828c7376745
SHA512a1ed8eb74326f657008a7296f1e25e60226fd61976cbcc26d4a600612deb5beb97edf46a15fcbdf63a3c0e395708206704718fc16a15f330bd52791b0e1827ef