Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
22/04/2024, 08:39
General
-
Target
2024-04-22_423bc67a327581f54ee5f7f118a6e4a9_mafia.exe
-
Size
435KB
-
MD5
423bc67a327581f54ee5f7f118a6e4a9
-
SHA1
34827951437b69adadd639acd1c79decedf08b0a
-
SHA256
001716a18b92980b491880002993293a172cf4d08c3e48ebcd97c660f91662fd
-
SHA512
b4780a283fc8d17e6b345ecd42a392d98ab66fece3b1688abcea4fa7a104466ab4378ba7202e22651eae979c1c1b752022e6e9105f4da00df861b3d0739b1181
-
SSDEEP
12288:fd4x+ePixnXQjfB6/fZ5+/RylRpz7Z1ID4CwP:fd4x+ePixAjfBofT+/Ryl+4C
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-22_423bc67a327581f54ee5f7f118a6e4a9_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-22_423bc67a327581f54ee5f7f118a6e4a9_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\31ED.tmp"C:\Users\Admin\AppData\Local\Temp\31ED.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-22_423bc67a327581f54ee5f7f118a6e4a9_mafia.exe DE4FFAEF982EA3AFD4BE54300E34AF6CEB8263F472B5277CA8292A75C1EC247A92B6F077022BE64F3DBC44B4CB5AAABCDE1D8337494E6685D6032FA0B1F06A3E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD55ba4365caf0e1b840320ccdd9203cc41
SHA1e1393cd45aca9ff14dc8db25e282e0f186714a57
SHA256627c4c7b4645b58f9d478a92ca394d723ba25c88988f4dbdd80d91047da38fd6
SHA512e1ead419798cd1f8ed263ca48ddf31c55883d12ef1209dd3eab0cd2335f0a902f64012fcae77d87891578adb2ef346c38c48e1ef14c11fa7fe8e4ff6e840e8ed