Analysis
-
max time kernel
150s -
max time network
131s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
26-03-2024 04:00
General
-
Target
2024-03-26_d76218a7c1d30df2c41a8fe03401c90c_mafia.exe
-
Size
476KB
-
MD5
d76218a7c1d30df2c41a8fe03401c90c
-
SHA1
6ea1637c335861b4a78837def857d1c4081f7d58
-
SHA256
e14b2cf239fb8269bbc42c103df5fa3b2f3ef031f652484653ca60d6cffdd695
-
SHA512
c3e150427bb03115a937e1916294ee3f350a7f26ee7286987c4f71cbd0f5349f8ad6ef9e745f25136c8339fb04306ebb1ab83f8964b76ce8c77b6cfa5b17cb25
-
SSDEEP
12288:aO4rfItL8HRyNft1KWKs6J9f6bu0vS27K9wlsDpVFd:aO4rQtGRyhtUYa9Sbu2S2+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-26_d76218a7c1d30df2c41a8fe03401c90c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-26_d76218a7c1d30df2c41a8fe03401c90c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3FC8.tmp"C:\Users\Admin\AppData\Local\Temp\3FC8.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-26_d76218a7c1d30df2c41a8fe03401c90c_mafia.exe C963A79F39CC5AB9C6510AD752977A262312CE7B39142AE4C1652EEDCCB5348255A549267A616CC60A9C2C6599C7C0C7CF069E36933DD6CD6220826BD6E264902⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5bb9346d6790b4515d4a2f42f5e683326
SHA18ce6810a9aa2cdebfbb7e2b175380710e668fcbd
SHA256831a10f5d246576696b267ad111bfb4379fcd40484a437ee5bec6fda48e2092a
SHA5120f64d6882963a59fb9c2d300016a6f5a7f1947de2786a401d28976babd50a65c512f46d0757e1ae637a4e26b8950bce9a85f55d771f92251af9bc04d8ab7378e