Analysis
-
max time kernel
93s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
06/04/2024, 10:39
General
-
Target
2024-04-06_6240c393b9b9e1692c139f9e960881ad_mafia.exe
-
Size
444KB
-
MD5
6240c393b9b9e1692c139f9e960881ad
-
SHA1
ba00d8ecfe46a393819fab02dca27a5a8f7a3408
-
SHA256
ac2d98173e42bfd6357ebc1cbccc3db6dde7cf484f8d3872ae76d7bad0696e54
-
SHA512
080351c2fbe0cf3611ccbc1844ecd828fe8a70cb6c976502e19ec599b80ba8eb3905707e2fd91f23f1dc93e1ba59f2d416020545e67a5a2d0a2905c858068dbe
-
SSDEEP
12288:Nb4bZudi79LT+pvKVIgpJCS5ntbH4e10cGl8yA:Nb4bcdkLTqcIgimnZHZ1lq8
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-06_6240c393b9b9e1692c139f9e960881ad_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-06_6240c393b9b9e1692c139f9e960881ad_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3009.tmp"C:\Users\Admin\AppData\Local\Temp\3009.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-06_6240c393b9b9e1692c139f9e960881ad_mafia.exe 65D0E57F6A934AF31495F5A24274D9C7BCC6A1B08F42745ADFF8327702954F1C7B3800F9F4895349836C03A4D7DCCE83A20BFB0F8A631A9DB4A96AF6863455E62⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
444KB
MD51a5171abf092d75a256d4787562b9911
SHA18891a12a8d79d1725863d500960f6935b2a8c804
SHA2562e4ddf26b7d97fc1570cdfe00fdb62e150b5821d42dd6a6259fe70bc428aeb2f
SHA5129dc63e95cc07f694fa6dbfdd1f72b4f140366c7bd35fc87f26901d5a0d80bf92e6e2d742f7d1ca25e7343bc3b0a524be8ea397abd72ce17a2434153d39874cfb