Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
26/03/2024, 12:56
General
-
Target
2024-03-26_e01445aabdc0ecec6c2e299ada524ec5_mafia.exe
-
Size
444KB
-
MD5
e01445aabdc0ecec6c2e299ada524ec5
-
SHA1
6f12af8074804e05204cffc0d52fb1d9aef0cc68
-
SHA256
f11ca86e8dcba8ae3884ba52bbbd331b8f917283b8aa1aaa89ba577a6c1e2cad
-
SHA512
deb549ab9d4d48f4f1dac9e82060ec09e82536245141755ad1d8666f95cc7fcaf6e10c32410aebe77644f54f78b5c56baf64bc728c0bc112bd33fcbd8f78bfb1
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStqw7FZEwo98ZCvQJBax5hOds+BtT5B1cYt1d:Nb4bZudi79L4FZujcoKb1B1Bt1MZ42A
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-26_e01445aabdc0ecec6c2e299ada524ec5_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-26_e01445aabdc0ecec6c2e299ada524ec5_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4E6E.tmp"C:\Users\Admin\AppData\Local\Temp\4E6E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-26_e01445aabdc0ecec6c2e299ada524ec5_mafia.exe 34B76BF3E9F7BC4609683F2C1C0C7F00F2FD5255BF7F95CCBBCB91A2CB0AD4974E43FD96FE09F6F666AF2BBD302138EF2D3BDA575EA36574521739318FEDAB2A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD59411a29f5b1ffc0abaad1b600b2e9b2c
SHA1fa9e24d4e95528797e34450a1a9da0619da14448
SHA256f86972985f1334947ed469f9518fca5b830436b73fdb7dfabb6b130fd79d1867
SHA51235118fda5fa4e2d260dd5074a7668938d5a5b30c0c629fd29587bea3f86074a01a9638a1631b93a90b6fd56557fbd942633c7a134e81abb2decedd8a19322d89