Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
21-04-2024 21:42
General
-
Target
2024-04-21_9dc52e29aca4ab25f2152a905f28dd03_mafia.exe
-
Size
414KB
-
MD5
9dc52e29aca4ab25f2152a905f28dd03
-
SHA1
65fb3628c6a3f3475d471e78c4e096315ad14bfe
-
SHA256
6c902b3712bbf66edecb27651f8924a5c64d3b10aa79808f68e7cbd215733ce7
-
SHA512
592fb6dc0c81ce345f0fdaef85b1293450b083bf960f543c3f40f0df1a5e34ec3b9cf3d4de8817356a630c805283beb3690799cb190d6a59c050ba140c4b8eb0
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BY0JEe3vcVt2bgupIZWWVr110saTJol:Wq4w/ekieZgU6xEe3kqyhXKml
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-21_9dc52e29aca4ab25f2152a905f28dd03_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-21_9dc52e29aca4ab25f2152a905f28dd03_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2962.tmp"C:\Users\Admin\AppData\Local\Temp\2962.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-21_9dc52e29aca4ab25f2152a905f28dd03_mafia.exe E52970F9A6B7DF48C84A636EF736F22A30C59459482238BB7E259CC322EF06CB7051B5C6BD0F1A32D4C5152B6342C4542CC8C6B7BDC031B2CA11C6BB80ED56702⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD561710bcdf8374d2df5df48c209c622cc
SHA1a549a43ee3962fb3a316c7e96c1d60efee6b05a6
SHA2566645893aa7df756695f97b25ae336f2d6a69672be9d9c069cea6253ac59929ba
SHA51203ea86a21abba12fadd5403bde3c42a98051b9222bb85693332e83085e327d29e27d3b30e02e413c1b2dc5f83952a6fa1591be4472ddb6291714463c94ee40ad