Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
21/04/2024, 05:59
General
-
Target
2024-04-21_cd15e56a1ec2e5b4ca027bc3cccccea8_mafia.exe
-
Size
479KB
-
MD5
cd15e56a1ec2e5b4ca027bc3cccccea8
-
SHA1
15ceff5bb46520a1e4bcfde5fdafb0de831b3e54
-
SHA256
acf0725eee68cdc134315933aa7f948ac855f58f204e0d30a1b4ecf704e6759a
-
SHA512
66f057eac306a2892d8f685b0efedabfccdfa5645fc59a52d89fd8eaf7e7b4ce89581d813025322a3f2964bd063c4e97051b509e34be199fc13adc14f8775f57
-
SSDEEP
12288:bO4rfItL8HANEzvbPenKCPUf7hpaB8YQxOxu75UO:bO4rQtGAMToKaY7hpUENVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-21_cd15e56a1ec2e5b4ca027bc3cccccea8_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-21_cd15e56a1ec2e5b4ca027bc3cccccea8_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\38A4.tmp"C:\Users\Admin\AppData\Local\Temp\38A4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-21_cd15e56a1ec2e5b4ca027bc3cccccea8_mafia.exe 67345A2DFE70F8DA83FCE6B1CC76CD06825D015C770918D3114F46BEB46073C3950B1650127D5853FEC7D2F991D4623401CA1714F2C720C3F44D1379832BDE732⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5a80b1911131a2cac39e5714f81a7a923
SHA1aa55c5c30e7bdfec9058bad03292444bf0440cda
SHA256a7b02efcd439067f0f64b7ba7786601fcfd635f4777ce8450b23dab4b9e1ae00
SHA512164005dcb65e8c49b89b4555c43ab6e9d09cf80724426c2e6e1eb7f03945a3baee9a1f0b0c3e9d7385508f5423f1edee47dcd186c718fe3265d58cbd8366e4dc