Analysis
-
max time kernel
147s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
05-04-2024 22:30
General
-
Target
2024-04-05_8a3f011585dad9e303d7f15868441acd_mafia.exe
-
Size
433KB
-
MD5
8a3f011585dad9e303d7f15868441acd
-
SHA1
bacdccb105e1ff7de953f1adf0242bc9f4122b57
-
SHA256
465fdfd76fa310a183dad381a24cc9bccf5506108fce93e08bf08d189fa1d2b5
-
SHA512
2f77dab5ca8aa4a0a7b479ef78fb071012ea76e8d7e743fcb3399e5266795e1144debdd82bbd0cb375430ec5d8bc405601c2058ca3d6b0308c8f7665ff9c437d
-
SSDEEP
6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtvfSBE6s5YODIl/hiy8n7MXa515/OH6gn/+5N:Ci4g+yU+0pAiv+1SBE6eDlM65xgnB0n
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-05_8a3f011585dad9e303d7f15868441acd_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-05_8a3f011585dad9e303d7f15868441acd_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\9078.tmp"C:\Users\Admin\AppData\Local\Temp\9078.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-05_8a3f011585dad9e303d7f15868441acd_mafia.exe EA6468E44CB01E72EB1EE06428C43036A0D981E01AD9F1C9DBA9AB05E845D655A6C140919C740F12C0B1B2AF29DB242E3D1C894C22E5FD6D52C85D5AA79D9C792⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5c4cab62f1e68fa9f40ca33e550f5d491
SHA158ccac9547a84dd06da9d858c0e26fb994d31b03
SHA25656ced0266c4956482ed9cf6bf524f8e186d7b719b3d09f4977f7ebb6f52cbb3c
SHA512586c41fcd97438f68f3373e1f84fd23c9a4f6237756bb79c462161bf02ff6c86d908e6d5a7d34a6a7b59c4d82ff8868fb4d1f0e799ec895bd317dc7d3b3f7aca