Analysis
-
max time kernel
141s -
max time network
124s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
23/04/2024, 04:42
General
-
Target
2024-04-23_6d44e0b42a031fa94e68a1bdf7cd43ad_mafia.exe
-
Size
428KB
-
MD5
6d44e0b42a031fa94e68a1bdf7cd43ad
-
SHA1
89537672de73d1a67ee808f53d8cae2fac4568e1
-
SHA256
6a404f11698da44d1723bfe2ab87acca92c54d181aa6cccaa441af26b7009f07
-
SHA512
2729c7d7382cac028333c5571ec4fe0c1294985029daab273cfc6c30babb5a7a0f6d88fc5048bda5ea54759543fe9490e7950a2fb57b431a4a20bf65d6f83a9f
-
SSDEEP
12288:Z594+AcL4tBekiuKzErWMegjXdYa1LLpPVfZ6AIf9l:BL4tBekiuVrZdt1npdf8AIf9
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-23_6d44e0b42a031fa94e68a1bdf7cd43ad_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-23_6d44e0b42a031fa94e68a1bdf7cd43ad_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3028.tmp"C:\Users\Admin\AppData\Local\Temp\3028.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-23_6d44e0b42a031fa94e68a1bdf7cd43ad_mafia.exe EB0A5DF2FC72182535F1AF029AAD9E5E74031AAA5F92816304E453655AA47C1FBFCB72736343CA4C79FFF81FF412D7273377D07377BDBFD4DD988B939DE7DEEE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD551081de9e5dacf5db6f95750e56f3b27
SHA179aca2976f48d59e48e4a649b9557d4d921f77ea
SHA256c6031925121a8c19454bb419c1f183cef40ff4140f3da115821424d61323453a
SHA5124d824231b625933a2a703e318247dd3d6d12b19e56995676d86c0f50c8041fda1512388ce7976322b40dc1a368089c984e20f75abf7bd9bb39ade5f27c40fe38