Analysis
-
max time kernel
149s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
19/04/2024, 21:25
General
-
Target
2024-04-19_267bbae1c7d210dee1965dc1afdfe40b_mafia.exe
-
Size
479KB
-
MD5
267bbae1c7d210dee1965dc1afdfe40b
-
SHA1
7207a52bc51b95cb42e350424fadfd4ce7ec32d9
-
SHA256
f3630a52d2a07c8ba51b14b1b079e53c3a2cdef1f405acf7af0c4776e01ceef2
-
SHA512
c281b39d8c1b07d69e3d11ae4c67949ba82b252bc6913038135967c2f257b546a3531862f4d7bd289129b87c3e1b9f5c82a2467de09804e1b12caad8fcbb8902
-
SSDEEP
12288:bO4rfItL8HAzjXuRpIEQCk5UEw0Lcqm8p75UO:bO4rQtGA3XuRpth2w0gqppVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-19_267bbae1c7d210dee1965dc1afdfe40b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-19_267bbae1c7d210dee1965dc1afdfe40b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4FF5.tmp"C:\Users\Admin\AppData\Local\Temp\4FF5.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-19_267bbae1c7d210dee1965dc1afdfe40b_mafia.exe 3F0A61666776203250FB053EEBFEF4C8CB3A1B8F83C431132259FB31DD83CDEDFC0B5B5228E34E1D53DAE6B7E1CAAE98DACF8D0D2AD01F5089460B6D20EC1C232⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD59eda91f4292f845d426d52728ec47119
SHA1b826e45f5d30f89b562e0173e4f3193abe714765
SHA2566645155038a8af7bbbd1bfe28ffc28f5f9a36a5e119720255304e497993476f5
SHA5126bfca48757f14b6f63520aa2c09434bcc61effb814f1769493e866c984679172f653bfcd2f6c709f3c9873f18ba57700cf2cb7a5aecd52f7b1a10b9e28fccfd2