Analysis
-
max time kernel
150s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
27/03/2024, 12:24
General
-
Target
2024-03-27_0008e4508abd82c4df57003a7f83c939_mafia.exe
-
Size
435KB
-
MD5
0008e4508abd82c4df57003a7f83c939
-
SHA1
8626d82b25941599e8a8a0a16b4c5f04b5d5e63e
-
SHA256
1aaae9dcba6197a0d41bd58b89c106b6feab4c92b47fe5ae050b71646ecd6bb0
-
SHA512
ccdd7e52f0021a4356bd5d6a707b395c5f4006cf4a5abf7d9bb5cb2cb65bd35122cc785472a48b255049b0b01c3dcaf654d1774c16624f37306f9c37ce84e125
-
SSDEEP
12288:fd4x+ePixnXQjbBXc/R3dS2RQYs2ltjZwP:fd4x+ePixAj1MKANl1Z
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-27_0008e4508abd82c4df57003a7f83c939_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-27_0008e4508abd82c4df57003a7f83c939_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\30C4.tmp"C:\Users\Admin\AppData\Local\Temp\30C4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-27_0008e4508abd82c4df57003a7f83c939_mafia.exe ED5E6CCC249EBC9B8ED244207ECD1F6D8C3A0D7D211B0A5110F7CE33F48063EB1C6445C4337D6CC1AB8EA89AA80D17720E065415A9D1C3FBAAFE551AD4E79E532⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD5f5ed77b6aaac63be6d72fb43a9c86dbc
SHA129ed7e462794f0964e1380ddea45cbd34e3898f7
SHA256f6e51bae4d9489dc10f28428f46454aae9f9118fcf0495fb37e8ab5e75d9b37d
SHA512abe77a317b34b505de0e1ec4a149c531972d419e58691a623fe06db100b1e06753749661cda22d0d65f60859054a3aa1b39d647c4d6af1c4d80db6c7c172ae52