Analysis
-
max time kernel
147s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
28/03/2024, 13:46
General
-
Target
2024-03-28_97bf1305e4501f1bb8dd6213e56b73e5_mafia.exe
-
Size
428KB
-
MD5
97bf1305e4501f1bb8dd6213e56b73e5
-
SHA1
e6e436f54594b38604288d5b3edff2e81f122db4
-
SHA256
bd2ef4aee2a8ccdc0759aa671ec27c6b814d857f4fe84e5ab3e4dd68da6b8d6e
-
SHA512
93c9e738060c0bf4df81e263968b28c9a08f5d297b5a6c168771017b4c80ef054d36c33dc5745b8bedad051dc3324ae69f06b8e9f5440136d252f81ac7eb549b
-
SSDEEP
12288:Z594+AcL4tBekiuKzEr8yM77M267blPrwifsWhOBDcUHPjl:BL4tBekiuVrzM7kblT5POB3HL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-28_97bf1305e4501f1bb8dd6213e56b73e5_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-28_97bf1305e4501f1bb8dd6213e56b73e5_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\A3B2.tmp"C:\Users\Admin\AppData\Local\Temp\A3B2.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-28_97bf1305e4501f1bb8dd6213e56b73e5_mafia.exe BD30923809BCD0941D5B031DA7220B8A6206C2BA133CB044016D2A59ECB9C6CC18849423F48BBAD5B83C463944A1CA4B207F0D84D24C9410C961223A1228ABA22⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD576ec45c4129a3db374f1ee0137f79745
SHA1277a2e89822599d02fda17a4823ea5f6e4bf8f22
SHA25694085df84afa792245960611e789c198a584a091e4998f6b37b0215caec311ad
SHA5121a22cf12d856bc0267ad111fbfbe68ee6bacd3a1548193d212d2012a9dcbaaab68dffe10f5c653fe79052f3ed159acf213504273410541cadb9b80221335f512