Analysis
-
max time kernel
92s -
max time network
94s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
05/04/2024, 22:38
General
-
Target
2024-04-05_fb4c72d982a74aa3bcb5fe47adf07395_mafia.exe
-
Size
476KB
-
MD5
fb4c72d982a74aa3bcb5fe47adf07395
-
SHA1
7559daf3c627d507528e49c3c2d5f3ee1694b260
-
SHA256
b27b3e2fe31fc6f7e513ac462a33ca3051422739099774b7093abc3eb3cd8c84
-
SHA512
e3fb7ac01044cb2b4a3feb19f307379bde7743049186b4f7a60b49a6b7f5d64f7d0e8689f9fc4d1739dbc144101bf7dd5eb084368bfee026f7d4817f1f21a8cf
-
SSDEEP
12288:aO4rfItL8HRyTwuygWFTgAHHf31eF7K9wlsDpVFd:aO4rQtGRyp4Hf31eF+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-05_fb4c72d982a74aa3bcb5fe47adf07395_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-05_fb4c72d982a74aa3bcb5fe47adf07395_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\36EE.tmp"C:\Users\Admin\AppData\Local\Temp\36EE.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-05_fb4c72d982a74aa3bcb5fe47adf07395_mafia.exe 00A3196613C6729B5A7B6060683279C7F013618054A7DABD39F31792D0901642D0AB1DE15C92E3A323146E9DE93A26E9F04D5907D441B9E340C0AF61F315632E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD59c8ba40fd6a4adebd314ddfe8c978d42
SHA121b778b7db18d1dcdb41a05d4924d26d090d12ea
SHA256e5adb3da26ee5b9f1b5ffb0781f006939c88b9374f2e2ca84c55e48316261480
SHA512c05d9e8b2016b5fc09cae9934c9f54a0a08b7f58ca46422234a2aaa2c13d4201066623d2d3a36199d6d638abe82a6ba6126d5a1a34d457b44664ded8efea0208