Analysis
-
max time kernel
98s -
max time network
124s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
18-04-2024 10:48
General
-
Target
2024-04-18_e4072af64f4bf394cb3b9910fcb9af02_mafia.exe
-
Size
479KB
-
MD5
e4072af64f4bf394cb3b9910fcb9af02
-
SHA1
72c9776194d6b94eb375e9b715c19c8ae1b35b0e
-
SHA256
6b4c7aed3dd0aa419d081d08d543248de5cdaafdda2e8f7c5c024356990c53d0
-
SHA512
e408a0372fd71037b2057dc4182ba4bc73e2d5c23ff5441522161e8ff6dd5f9b0b3eb96e7a202a9d2fd43e70d555ae35a25ce07b246e9392601be66dcac2112d
-
SSDEEP
12288:bO4rfItL8HA7thJ7dUDf8j+8dPV0NVqK4nT6bcD75UO:bO4rQtGAJhxsw+i90NVUiGVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-18_e4072af64f4bf394cb3b9910fcb9af02_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-18_e4072af64f4bf394cb3b9910fcb9af02_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FD6B.tmp"C:\Users\Admin\AppData\Local\Temp\FD6B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-18_e4072af64f4bf394cb3b9910fcb9af02_mafia.exe E5243AB6C0B30206EB43EE24736185A96933C8030BE11478D90DA3BDE5A631175AC6731A35AD502775F4DC7EFE3B5773F97AAE0A8E74D9305FD03FA2AE0E8D312⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD580aa1ed1d7d909f085c459a2910d1c63
SHA10a3341aae4e41bf09181945c268c4ac9216678d0
SHA25601b4679ce459222c32c1cdee7073d81bb51b5ff0651c035c632a695720c4658c
SHA5129d0b2b390dd0f3fef7833145dc0bd3f42604d174d442a66f113d8c9f5c2f9750faf74f83ebaaf457177811238ea5f73e9609d75cb771610353f3cacda00ac8e8