Analysis
-
max time kernel
150s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
09/04/2024, 04:14
General
-
Target
2024-04-09_af0475a03405d64da335c66edf7e5c16_mafia.exe
-
Size
435KB
-
MD5
af0475a03405d64da335c66edf7e5c16
-
SHA1
73554ed6248fa3d67874e9d525415be5f876a020
-
SHA256
5115a11de4058f3d160ee94a6d170f1387aa86b30f6ad35b97349ad88f1e3baf
-
SHA512
715a7b984c95408a2d515f46d41c9f51293e4d7284137381915fe189587f8c1edf40d47b3a632c601d120139c6232ec20839c4ffe108e4cfe4b92aeecbcdecb1
-
SSDEEP
12288:fd4x+ePixnXQj/ySZvazyso83mIbC0SltIzdN6wP:fd4x+ePixAj/lYvoFIbC08Ozdw
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-09_af0475a03405d64da335c66edf7e5c16_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-09_af0475a03405d64da335c66edf7e5c16_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\348D.tmp"C:\Users\Admin\AppData\Local\Temp\348D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-09_af0475a03405d64da335c66edf7e5c16_mafia.exe FADE10F4DDC08236200F918FA87B4A0395DDA30BB721E4106F08F699D4370E9675760FB4DEEA00AD3AD8977B1791A6EC3CD5DE6801B59CB8E3DDD4EDE574876D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD5b6e009f09e6931ae8f4d83e62ec3060c
SHA19a158ae27cc46e59d5a15f1a7ff7f3ce3b13b061
SHA25650eaa19e9f721a7e2143865a4c2dad180fc502845d84293351702ec9b6687e2a
SHA51221ae67b94bdfd953f77c358beb73cb160aa9cbfb823bd0afa86dd3496d8f74ed305f1eaba849ccb83ff3a366cbbf74ffa4169226a84ff2840ef06aa83f37b94e