Analysis
-
max time kernel
141s -
max time network
139s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
20/03/2024, 00:53
General
-
Target
2024-03-20_ad3d5c4e2c6595df4332bac72b8b0071_mafia.exe
-
Size
435KB
-
MD5
ad3d5c4e2c6595df4332bac72b8b0071
-
SHA1
4957bd99827f55f304bcc66a1e8534223388af2a
-
SHA256
503611afb54683d120fba33080c0c4b0f2a1a8855ac7a63b79b5cf3ef0cb0cd7
-
SHA512
8e62919e1a1045db1f6d673a2030fffcd8d6880e8ef8004a78dfc75ed3f2e7173a11c7d41e286bf66e23c98d83d54f87418a78f1e15e57ad99cff34ba8529ed8
-
SSDEEP
12288:NW48Uekie0ghBGnqPvmDmsg1fxlswX4HWaSA:NW48Uekie/Bmysg1JzGWa
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-20_ad3d5c4e2c6595df4332bac72b8b0071_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-20_ad3d5c4e2c6595df4332bac72b8b0071_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3681.tmp"C:\Users\Admin\AppData\Local\Temp\3681.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-20_ad3d5c4e2c6595df4332bac72b8b0071_mafia.exe 3C74DC4017A476BF1076148A24E25298698A74B51DB36F0EC604A9435425CA5AA4BF2304BAD6EA1BA92694673C6A3DB84F93F15B792C83DFB4E5BE00612035792⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD578f6c9174509842e9b4aeca6a10a4dab
SHA1e49fc5d5972e01461b6c45c2835419a5348583f0
SHA25648e2e2fec75ed4c60106636c225789add6486a8cdf9d819cc2c7f1eb6ea1006f
SHA512993d82e805fbc681de0d485926153fe052bf431cde4d9583489de5596fcae212a227adee878da6677e6e8cefa47dd36e4a4c9a62bc69db04eab755f8e07c9843