Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
26/03/2024, 07:42
General
-
Target
2024-03-26_c93e28490a7c8a95e8d3930e24962a97_mafia.exe
-
Size
444KB
-
MD5
c93e28490a7c8a95e8d3930e24962a97
-
SHA1
9395044f18970cf2213f231a00c9ec1a22bf9f56
-
SHA256
7c74699fa18afacbea5f1e07d8ce0fb5ab8352c44ad5873e30f7360dad69513d
-
SHA512
0924a4639c68319bf296fb49a14b01855cde36237e30f0fb609388092788d7bbcbf7dee53401f57e83e186a147a8b4540f2f0f0e8ecef4eb53a2e74cdd682d7a
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStk4VOksjn3oEbrsHV3nWJ0oH39JtcP/08kHh:Nb4bZudi79Laos3WSoX9Ctkt54s0XZA
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-26_c93e28490a7c8a95e8d3930e24962a97_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-26_c93e28490a7c8a95e8d3930e24962a97_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4527.tmp"C:\Users\Admin\AppData\Local\Temp\4527.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-26_c93e28490a7c8a95e8d3930e24962a97_mafia.exe D39AC62FA070546B097C2288A7D3D3C6D6A621CD226C4BC76D0B45286544E16FDA96BA26E284823054A851D79A10E66C87AAA6C154BAB419B0F8F595C6F15BF52⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD5808281e4d081bf7bde1326e609671133
SHA15855b3a98da05092eb856cca68defa630fbe07c2
SHA2566f285015dcd664b9c74a2a4e3a12e8dc2cf3322fa976dfcfd1b48cd0d3307734
SHA51258c748da2c63b50c25b07104740a957971bcc76d5e9efdeb625d7337e58f53b0a297068d9bd4d35ffbba2915ad11a6bf79c50cb39723d5e24c74e81a069cf9cd