Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
17/04/2024, 00:26
General
-
Target
2024-04-17_07e94bcbf945eef37c25060d3f093bdc_mafia.exe
-
Size
414KB
-
MD5
07e94bcbf945eef37c25060d3f093bdc
-
SHA1
9f63e050f6d0af608328eab90fc315c83036f84a
-
SHA256
4cc7a70aa9b12c8e4a4026676e5faa62b3d1ee8db5a659a536e8abb6be0e9881
-
SHA512
4ae4737d5b4267793c87b1206fb22d81bf3e8770c33f86df87e93eb9b43cd2c2beff1e2dc2024df836c5140254863fba6db3864dab08340629358e02f6911e41
-
SSDEEP
12288:Wq4w/ekieZgU6SVUB2ijDJcal4gGQ3q1+etxL/:Wq4w/ekieH6SVUB2iHJcal4gGQ3MZx7
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-17_07e94bcbf945eef37c25060d3f093bdc_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-17_07e94bcbf945eef37c25060d3f093bdc_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3885.tmp"C:\Users\Admin\AppData\Local\Temp\3885.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-17_07e94bcbf945eef37c25060d3f093bdc_mafia.exe AD2EB6D30CF128B4DCEB741F2705156D949AE02D6282E4898299BE90B075B9CC1917E09C5002A9D6FDE054D8071C8543350007D3AEA81DD19D9520763DD39EF72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD5a2bc3e49c1c38d322d4a2fb044977c53
SHA1cd3c10cc3f12d1d3042a77b1fcea1be7cf440b93
SHA25667bf0642d4891a7c7118ddbe0c5b0c62ad3c20a85db519034528d3a87f2a3b98
SHA512371ada7e712ef57f67db31528afe98db57e82626f073d59245db67544aec2b42c2cfabd138cd32d994c0fdb7f3fb5029bdafce20d91da16c2979b67680f2b0a8