Analysis
-
max time kernel
124s -
max time network
126s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
09/04/2024, 15:45
General
-
Target
2024-04-09_fa20b91317df2b633639ed9930888402_mafia.exe
-
Size
433KB
-
MD5
fa20b91317df2b633639ed9930888402
-
SHA1
a10ff74808ff0a6e73a3e45b5c5544b66dbe14f6
-
SHA256
696ff3bd5320d5f188f2f186e6bfec2f3d1d7554d621f5d982094fb07d9eba80
-
SHA512
476d34f9b2813135a3883abfa1464a9ccb48a46a3f126dc2b2e373029444a10af4b9dc5bf0490c913e63cabec9840320a008cb47ad944125a56ea06f044106f6
-
SSDEEP
12288:Ci4g+yU+0pAiv+OUFe2K0eytgWpH6zWqI:Ci4gXn0pD+OUc23D2G6zh
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-09_fa20b91317df2b633639ed9930888402_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-09_fa20b91317df2b633639ed9930888402_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5311.tmp"C:\Users\Admin\AppData\Local\Temp\5311.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-09_fa20b91317df2b633639ed9930888402_mafia.exe E61D71B773A77B5FBD52664854795F3BD84F4A21CAFFDEAF246E7FC9E9B337B89693F529EB11039A1CAC4DA328F571F03A926B0EC53528CC0671AEE542ED17A52⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5045a9dd6536a6d6b25686e49122531c0
SHA11418b61edc1a6ee46affc63d62cffe32e1dc88fe
SHA256e2c47c2e8a52f54448915ed41ed14d06d3be6826699da4092f496f6bc1e42ee3
SHA51257b085ef269e0a977859f8d7e61cd7485b70bedc4da5fd8d7d1ba2fe729cff5c3994749c9903312a994feed85c0e21f97caf2cbe678e430da3fc4028180f0b8c