Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
05/04/2024, 16:33
General
-
Target
2024-04-05_61ddbb91859693cdb9dd0da2b16bbfff_mafia.exe
-
Size
433KB
-
MD5
61ddbb91859693cdb9dd0da2b16bbfff
-
SHA1
441da94635742094c06c88ffc9dbfb2b7a552bbc
-
SHA256
866461909cf7aadf94c14c57a783e29e4db978de401fa9f3c6df1555e9304d7f
-
SHA512
0b8681ed2c842f18e47121828aecc92c0a10492559c650694643d2556f2afb039c2c18c974f2914eca9cd4e5ac86e44d2ae65967200e1ad33e374d9307332aa4
-
SSDEEP
12288:Ci4g+yU+0pAiv+BptZzkNhD0RyvcpQo7mkn:Ci4gXn0pD+BpXOAxKk
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-05_61ddbb91859693cdb9dd0da2b16bbfff_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-05_61ddbb91859693cdb9dd0da2b16bbfff_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\374C.tmp"C:\Users\Admin\AppData\Local\Temp\374C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-05_61ddbb91859693cdb9dd0da2b16bbfff_mafia.exe 36591AEFDF8B53BE93D4506DFE7F52F078343525B1511ECC003E4CE67ED100E83A059C59DAF7F2DAF6B21EC4E9FDB75D5F5D8AE880E6F53640063C97F624EFFF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5386e1a39388367bf9894cc8a029ef747
SHA10ec104062b8f6629b96d1bb05c5fae863f2a13c8
SHA256eb8fdef81c6f97544dbd8e0035189a4df77359149678fc72c0893f6159c6edb4
SHA512765c56edf15c2ff73936e2a4241a733c34a050367dcf7c287717b438bfffdb8ab474e4a4e5fd54f04dcb8f69b689a58827e2481b8b0168c37177ea0494799b41