Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
21/04/2024, 12:34
General
-
Target
2024-04-21_7cda410ac0e04a28731a2bfc0581de52_mafia.exe
-
Size
443KB
-
MD5
7cda410ac0e04a28731a2bfc0581de52
-
SHA1
60c61d9bbe800b34a85aa8779a8e55f9413358a8
-
SHA256
4c95c9df5e1a647e58a63ffe71d1208bda3b6176b10f1509977f609fc07d0842
-
SHA512
353f46f7f4b146e538e58aed7103dc300213157d18595a4af40281c713ae75c5f0182e6faac95532d2391a6c787aec42b3d2f877ca05b8d7c22c94718359b5a9
-
SSDEEP
12288:Wq4w/ekieZgU6/1YId0Ydb+4mDiTqmWyC0+IlMa:Wq4w/ekieH6/Fd0YdWD8PJCDIP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-21_7cda410ac0e04a28731a2bfc0581de52_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-21_7cda410ac0e04a28731a2bfc0581de52_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2BF2.tmp"C:\Users\Admin\AppData\Local\Temp\2BF2.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-21_7cda410ac0e04a28731a2bfc0581de52_mafia.exe 9A0449AC94D88EE3C6CC0B614CDE42C7FDB1B7E13B3B1AF5184C992FBA754682250DF58F42884AEC5C25BAFA0F630F0BDF4AFEFE8C1900F47CA828F5DDA6D1E42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD54fbc41650ecb628ff89f5d9e900425d8
SHA17913335cc87ee5ecdab557866e7ff62910cd8486
SHA25623ab07a28dfe76eb24eac6f6cc0542d061e267feb41caebf874280c838b8c215
SHA5129491323fdbe480df7d48dff7b978d3def61c6326c82cfa3c1edd0db9d5639e7244d6a9b20ad2a9b65d25691db6afe2606597597136c93850b8e01b5794951357