Analysis
-
max time kernel
147s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
26-03-2024 01:49
General
-
Target
2024-03-26_eacf181380fa8f31d9fb877200e1d292_mafia.exe
-
Size
468KB
-
MD5
eacf181380fa8f31d9fb877200e1d292
-
SHA1
0cfeefd942061d2079e3762f9ab0d00234dfb5b0
-
SHA256
a41522d67729aaebcb70c7e5d68cbe5afc5e24035945d769ee6ce0f800197083
-
SHA512
fa21743a25fe3b0cf80eb2aa5df4acbf9573088df8321320754307363336b6399d39b69f7e9d2f5db422ce7240ad24ff0b237ee04ad570d286a6dd9622961134
-
SSDEEP
12288:qO4rfItL8HGAhvciOWGO2j4JyVn8oU5PgzG7bWmeEVGL:qO4rQtGGSvciPj2B4YGumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-26_eacf181380fa8f31d9fb877200e1d292_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-26_eacf181380fa8f31d9fb877200e1d292_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6B6C.tmp"C:\Users\Admin\AppData\Local\Temp\6B6C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-26_eacf181380fa8f31d9fb877200e1d292_mafia.exe D10D8A94A8EECB6B827359508841B0EF1C669CA97C68A01A139E526F362EE5E4E68958B8B2E84C86930D27002E98A22D8CB54D2AFA863C5693B7A194ED2B7B2D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD5de9596455d4c1fd1a4d1acaac946cb3a
SHA1e5c0524adbe2fe245432e11b7c4a366b35304d1c
SHA256b4e1c6dd1f172c15eb8cc9bc15da1e589315b508d42d5468aae84048f30b938b
SHA51238828792de0ad11ac2ab083c20065ed370c6a3d53f927a55b7068a7fae9acbbedbe3c701f3f0ef77b37075bba0c8207a66574b6e67e093f4dc32f56374e78fd6