Analysis
-
max time kernel
66s -
max time network
53s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
-
submitted
30-04-2024 18:19
General
-
Target
2024-04-30_d3a08b46453e39f921187b3db5fd92e6_mafia.exe
-
Size
435KB
-
MD5
d3a08b46453e39f921187b3db5fd92e6
-
SHA1
a0cb7c358696b85e2f325fba103eebf61620f074
-
SHA256
6580b20c9f91fe3f455bce7b900263d2713f547eb7d0c741ee3d28b020fe0bfe
-
SHA512
4138deddae7747e4aa6f484c9319f08b63b1cc16f4e6133020e3fc8f1a8857dfcc577c385dbada6ec02e34deb3ed8997e9fd03d2c2b49a3e1b561a10bcc25e3e
-
SSDEEP
12288:fd4x+ePixnXQjd0+leCpgmKMWkNnd3OwP:fd4x+ePixAjaO3Km5f3O
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-30_d3a08b46453e39f921187b3db5fd92e6_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-30_d3a08b46453e39f921187b3db5fd92e6_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3911.tmp"C:\Users\Admin\AppData\Local\Temp\3911.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-30_d3a08b46453e39f921187b3db5fd92e6_mafia.exe EB4229FFA56672D6B85C9CC619E13A9AC56AC912C4D185561F3A0D88D67D8A23EF3E20560FC02569B61C8EB2C0F61F4C3D19580AD835CC791A64D876E3516E842⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD5fc04a0b3a7877857675a2af8ee0bbd22
SHA1a1ce12e4dbeeb2b875b2799d154f2ec167e6e6c9
SHA2565c5d67904ebfc68f7a163e15088f73249aa2464ec8442f02e2cfa5ac48c8ed77
SHA512781bcbedc15a25f7ea9b2f86aa9b9be88510e185705ee047c4d0f7ad2ca1a48bb137082977e8f97578be38c3eaccd1e52a1f0819d4e1ff6bf13662e17af276a9