Analysis
-
max time kernel
136s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
23/04/2024, 07:34
General
-
Target
2024-04-23_59aa598b9a2a32e7d555a96847276a9b_mafia.exe
-
Size
476KB
-
MD5
59aa598b9a2a32e7d555a96847276a9b
-
SHA1
c164d6d3aeff7f2f35063910eca3e5f5d19e38f1
-
SHA256
3a2c132637222d2b5122d049f3f6bab244c90f4ee89def259dc64e4c37d3c2d6
-
SHA512
dbae27e58f74da76fafb2631be6087a1875bdde4f02b411b4127c5f24ae64274c88e2b005b19757712d53389fc00845ef7e0bf524252c3cf83166401311a8fa1
-
SSDEEP
12288:aO4rfItL8HRuFE3qpvAiPtVb7Ssqfth2CrKK7K9wlsDpVFd:aO4rQtGR8E3GY12XK+9wlsDpVFd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-23_59aa598b9a2a32e7d555a96847276a9b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-23_59aa598b9a2a32e7d555a96847276a9b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\53DD.tmp"C:\Users\Admin\AppData\Local\Temp\53DD.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-23_59aa598b9a2a32e7d555a96847276a9b_mafia.exe 5DD529EBF83CD7E33EC1634719540EE7CFE592D3DC1EFF44427FB01BBE5987A9846254C823A16E6246A26967C694BAD3B42E54F8D041C041B38764E753ED931A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
476KB
MD5c3f191a2a0a23c9e230e16a3daf0321b
SHA1b19e8215215fe6ccc9b1054cc8fcfb1448a0ad4e
SHA256b9d3df9c34c08711a28990065ce0bd1a4db83f705c217c727ee91bd3602441b0
SHA5129bbbc37938d6d3d1d36719c7f6351241627f3116d8c694c9d6e231076cb370f02e6cd6a7ac9c4f0028cec1cd6ccd66222df792f5325e5b50c7c3d4e5fb1be02f