Analysis
-
max time kernel
146s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
05/04/2024, 06:27
General
-
Target
2024-04-05_361f5a633b5800d624ee118f35c274cb_mafia.exe
-
Size
486KB
-
MD5
361f5a633b5800d624ee118f35c274cb
-
SHA1
cb374163bfb01c0859216f29499be319f4d0521f
-
SHA256
92182c31cf4b2cc64f491f0ead45692c9ce48ef572c2274ff4403425d4fad511
-
SHA512
ec0ae12faea8f6ddd61435c7bd576fba17d0a9acc1f4a648fff2fdc8c00f0aace2d83fda46b2a98744f06c83ea0f8136fdc15f232908d8658498a366f8c9f85b
-
SSDEEP
12288:3O4rfItL8HPWTHlEz5+ecxzquIQG67rKxUYXhW:3O4rQtGPqrhguIl63KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-05_361f5a633b5800d624ee118f35c274cb_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-05_361f5a633b5800d624ee118f35c274cb_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\594B.tmp"C:\Users\Admin\AppData\Local\Temp\594B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-05_361f5a633b5800d624ee118f35c274cb_mafia.exe 2511C377BBA46B554B23E3BEE8F9EC4844503CBEDD0FA286921F238312201271EDF497928B799805158E75E2F14314084A7A42DB75222290325A275E4D214C172⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5cd7489d1f8236255def3e6e753552baf
SHA1b540047fa84fc8bfe1827320fbe0e1127ca7ae40
SHA2566232ca99fc826dd05afdbc291df7241963fd0d2a25a6d10c4cb2734c59f4f748
SHA5123e1fdf60e9f665c7b2e01159b4aaa21da76370a84ec18f78734240c6367ccac1dcf62840bdd22f9f400d06bb15d95b3c065b1f3f8bbba09987737a098f366db8