Analysis
-
max time kernel
148s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
06/04/2024, 13:38
General
-
Target
2024-04-06_849744fdb55a3257288154d541d078c4_mafia.exe
-
Size
486KB
-
MD5
849744fdb55a3257288154d541d078c4
-
SHA1
9f738b9c7da985ade029072fe7491d067891a3b1
-
SHA256
5a5238a5873a5f88086ce6200150c0c85c0ffc8dbb12a954e48e85641a7c7a28
-
SHA512
434aaedf4ccfc0260a8d635fb763fd368f9351af0c0436b3a8d5c4dcbcd22cbc0896f3e45dc8dd1ca468ec799419ccaaf8a7a18e3a693694f5e6e80716c5d490
-
SSDEEP
12288:3O4rfItL8HPo6Osewz6CUriY9kQj5CWW3Q7rKxUYXhW:3O4rQtGP5OseI6xriKiQ3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-06_849744fdb55a3257288154d541d078c4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-06_849744fdb55a3257288154d541d078c4_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6263.tmp"C:\Users\Admin\AppData\Local\Temp\6263.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-06_849744fdb55a3257288154d541d078c4_mafia.exe 91BC271696883BAB42651BA7B9E59B3D38225039FB1B1F7CAAC5FA0E114055CA8E4A606D80864E6C757D91B1D4CF21D59F4FFA679E1B14B667AA3A0B146C71B42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5c73219a946a41d18ab4447eedcd9873f
SHA187a0bcff39fa7aff86019f6614ac9af3f87a33d8
SHA256ed50adaa823a9ac46b45c32eb8211a792ce6ad2e5eff49e2b112166aa09a5a97
SHA51265c138163ad36c7eb2f8be6dc8c4a8675269b3f958c045626102deb29074610da0eb32e3014a4edfd973dd336991604a171fe6e8b399f89cba5b3e0adb7b7edd