Analysis
-
max time kernel
146s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
10/04/2024, 07:31
General
-
Target
2024-04-10_63f8c91ea61bc83f19453287ace46e39_mafia.exe
-
Size
443KB
-
MD5
63f8c91ea61bc83f19453287ace46e39
-
SHA1
729b2a8c8e370e5ac3dfe02e497287b1033823bd
-
SHA256
fbd28fa3a89c6f2003869afe99670cb6c9946bec670fdfd5616c566e006a2301
-
SHA512
137dfdfd17ff1e9102c22019dc38e3cacf3e775d9e0c0c030bb6afad7de44603deb614b2e2508d6759ace4d4b1758c9ebfb2c37c863db227a9519060df251f92
-
SSDEEP
12288:Wq4w/ekieZgU6SG53jx4evc6NMRI1tvE/lMa:Wq4w/ekieH6SG5z7c6prvUP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-10_63f8c91ea61bc83f19453287ace46e39_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-10_63f8c91ea61bc83f19453287ace46e39_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6409.tmp"C:\Users\Admin\AppData\Local\Temp\6409.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-10_63f8c91ea61bc83f19453287ace46e39_mafia.exe C480E07ACBBA9551C94AB142D0431283667DA8059DD8CE27E80C77D1FA3C01EFC002BECBAE5C510F139CAEE6BD35DE8C312DD9BA1732D1E6CB61B7CF206C69DF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD566e329fff58aeb5def986d1594dad179
SHA1e5eef24cd1b95e91dfdff47b272a96d731e4766b
SHA256c2d63e1f7d8ff863d7c2f0b278d5a13325470dd1da725cf6c52229c18b36c04c
SHA5120e52bc6f0b35b004e945828f48ff4d1520d3cc1cf62ce498b0f0da8d0b2b0c6cc0abac983131bf93b0deddccd95978d14c53953161df48fa2db27c418add02e7