Analysis
-
max time kernel
144s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
26-03-2024 19:50
General
-
Target
2024-03-26_d8637d6bf3d23354f3f67826003d1b52_mafia.exe
-
Size
444KB
-
MD5
d8637d6bf3d23354f3f67826003d1b52
-
SHA1
fd8805bb4eda9621127a2a4a654a2eef770877da
-
SHA256
722f8388d5ba978bb287f7932efe0223a56ccab7a968a2129f45a429b1652742
-
SHA512
464f1c91aafe3d84c394694f2bb53e23300e07cf7c9040c0c5afac8ed390110215152a38142070a54c117e661fc8cb84f3455f337432c69cb7ff288f00a51b4d
-
SSDEEP
6144:fFrJxvldL4c5ONK1xgWbd1s79+iStGGt9PeAKnzp5iXH7F0NFwZ/YxRXxBH2fNS:Nb4bZudi79LTGt9unfih0DeMXH2gA
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-26_d8637d6bf3d23354f3f67826003d1b52_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-26_d8637d6bf3d23354f3f67826003d1b52_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6EB8.tmp"C:\Users\Admin\AppData\Local\Temp\6EB8.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-26_d8637d6bf3d23354f3f67826003d1b52_mafia.exe E0A48C645B370322041716EA331C6A14801EE6D6BA895A22E3BDDCB1963343A4EBC11270FD1BD3E0B1C6F3CAA96F96285B4BF6EF2A62CC0D96613700BD4F1C7D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD5409a9b96e51809a6019c0a1f9f98ee1d
SHA1a36ea3820c1b09e38bbedb6b7fd042f7154cec75
SHA2569f1e38a270948d7af6619adb1d6f7914b03648b3ae41d9acd1dd8d93269f6ead
SHA512d5932aa5efde3e3f1c5d2ed46afa3aa13cb748a8027f603dbb5cdaf5ccd9709a37f78d029969d4d6a389382cb23640f6f6eb3a9d45c0926f3c575b9fa6953ff6