Analysis
-
max time kernel
93s -
max time network
94s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
28/03/2024, 04:46
General
-
Target
2024-03-28_921a8b9cc5694db3cf52f4d237383e78_mafia.exe
-
Size
473KB
-
MD5
921a8b9cc5694db3cf52f4d237383e78
-
SHA1
3fca27377db4357342dbfa6921e0a3bccd9e3caa
-
SHA256
925df1c2ecaf69aa3b198fb5632e8f7355e2ad0247d3748d6014b64ed1603c2c
-
SHA512
2c7646dfc2422ff4c75f7956d11f0b1b9cae453796bd200fd272dc8515ae8f73ecfea8e33e40fca438925812f767284844f231f98f1155770d3c03c222ce9ee3
-
SSDEEP
12288:Nb4bZudi79LdXg/7E2STfRyOJ16akdVKZdRaA0a:Nb4bcdkLdXg/73cfUOJIdsH
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-28_921a8b9cc5694db3cf52f4d237383e78_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-28_921a8b9cc5694db3cf52f4d237383e78_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4D16.tmp"C:\Users\Admin\AppData\Local\Temp\4D16.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-28_921a8b9cc5694db3cf52f4d237383e78_mafia.exe D9CB8A5C205DCDC3C79A0AEE0AB5D72637FCC9FB59505FD6FBEDC7B74358AC9C2110F7B8538BD0F09A9AC89372ED43B315E02BD82BAC291FDB893073560D23812⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
473KB
MD5ff29c46a97a2bed78c4a8cfdf3e1ca11
SHA1f661d6736341b945f4c84a47eb9fb985fba88378
SHA2565c3c80e9aa4394ffe19d1cc78e32bb76102aae6d4675d24592498c2d70045942
SHA5126ea16d275ce7e6219897cc20dfbb5151aed733f9656f97233d89aa60e7e32cf5cabe6bebe8eb39faab631c573ac4a16856ac02d0de422912dc2e283af9a9ca04