Analysis
-
max time kernel
93s -
max time network
144s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
09/04/2024, 11:25
General
-
Target
2024-04-09_030b5b018409cf91548f367d42d38298_mafia.exe
-
Size
428KB
-
MD5
030b5b018409cf91548f367d42d38298
-
SHA1
9f169cb326864c629fd4a6b7eed1999fb19b1f43
-
SHA256
64d07214c762e68f29b247e8654185225ce8c006320e567066dd76c2b797f97b
-
SHA512
b8fdef57b905fe7690a927996be1093b8c1956c1042cd10fa4b2bc41b9b84c9b16641155820ded393454ee3ad6afe24b3e8d27cd90114e472fa85d1321cceffc
-
SSDEEP
12288:Z594+AcL4tBekiuKzErVos8pQuT4uMnA+2nscJrtAsWl:BL4tBekiuVrVos8pn4bA+cLW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-09_030b5b018409cf91548f367d42d38298_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-09_030b5b018409cf91548f367d42d38298_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3160.tmp"C:\Users\Admin\AppData\Local\Temp\3160.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-09_030b5b018409cf91548f367d42d38298_mafia.exe E8E82C4FC25C7294C121AB4E31BB1EDDF052D1D82CF4847F016192C258BD63739B56383F0AB608502E9C9C4071720B6B2EEFFDE5D0FC0A7AE10546E6CE52DC032⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5c545e47903419f98a86da98b49671f2f
SHA13efe74bf12fdcf501204d53dd2474dbdf0f3eabf
SHA2569d8987d975eed9096fa64b72e342170412a8c566ce441a05a513b63f2848206e
SHA5126198203f0bf6ac89afabdd547721d459b5179e0f10d8cdd25a9e4bed29382c3ba317f25f922a0910a4cb781a33a00d031e5b1765bd7e7834a6f60f8b3431099c