Analysis
-
max time kernel
132s -
max time network
124s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
26/05/2024, 06:52
General
-
Target
2024-05-26_fa4e0fec8ef48739e267bc01cf6be424_mafia.exe
-
Size
414KB
-
MD5
fa4e0fec8ef48739e267bc01cf6be424
-
SHA1
69ff855006d6806cde4f1be346c79b32d01c338d
-
SHA256
1aaa9dc81d380618290cb44f68be9279ba573992de4c9a9a5ba3fa35bfe2888c
-
SHA512
f8a0e92e79f01282d2c20d180c4e2a663f7a3367e04c68868407a1c23103ee9ad8f8e3569952f84b62a94a070ab0c55ba94ce51a7b6d2e44fe153e64a52e313a
-
SSDEEP
12288:Wq4w/ekieZgU67YPAtI4NXelanIeHxBmvTAcn:Wq4w/ekieH67qf4delsfRBmx
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-05-26_fa4e0fec8ef48739e267bc01cf6be424_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-05-26_fa4e0fec8ef48739e267bc01cf6be424_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\569C.tmp"C:\Users\Admin\AppData\Local\Temp\569C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-05-26_fa4e0fec8ef48739e267bc01cf6be424_mafia.exe 6758F41CEB209900AC37CD9A7257CE082B0D41E47E6E04788534A8E871ABDDD3D26409ECE1F3C78B87D322B706EC5B86E48BC95629C9BAD5A562B2B52CB4E2672⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD59977a7604d9b2824b7cd1d0f4d1ef50b
SHA1e6ac8772533e3fd9df6edd0f2b60b4a8ea1a7cea
SHA256447a01bcac73681cc813601cafe9b6cd71f7effe83d5dac7cad70f38848d8dd5
SHA512b3c5f1529399d99bb9513dff8bc6b77201c59aced3bf0870e67be8e78819a036d826dc67e17967f1e4204b7e1c9f0e47f05119a008e1828fa7fcdb29339c79e4