Analysis
-
max time kernel
150s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
06/03/2024, 17:33
General
-
Target
2024-03-06_2d9f0e5942a093118e872609f431e699_mafia.exe
-
Size
413KB
-
MD5
2d9f0e5942a093118e872609f431e699
-
SHA1
ba99c804283784e25bccc5287ef42d35b54ef063
-
SHA256
d008f7d1a0eb6284b738a318e8282c2a91cbb418a2d235d20a535337e1624ec1
-
SHA512
975838d604790b79807f684f71336d9847971ec2e01ee45be720cdda39b9a8788b7d6d27dff690d6f212f2ba1577447556f955a78d05cf347a1d8ccfe475f22f
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mF/nXaT9aJTNSfF+WLp0a6YqyLfzIJ7eDX6qHg:gZLolhNVyEUnXaR4UFwaxqyL7cA6qHg
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-06_2d9f0e5942a093118e872609f431e699_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-06_2d9f0e5942a093118e872609f431e699_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4277.tmp"C:\Users\Admin\AppData\Local\Temp\4277.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-06_2d9f0e5942a093118e872609f431e699_mafia.exe CB424BEB9C531EB983A4B5E6DCE43B4858F975737052A91753A6E66ABA9861032ABB2200066A0C3CBEE51FD9A8A9B8DCD6ED76880A5DDCFBEDCF0D9A1F57E4132⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
413KB
MD5d29914b8297f901d63085dbd89a78095
SHA124d4e4fb04af38b29a390e1e81762f1ba61dce70
SHA256424c8c1d9c0e20e6fc1b609f179bb8476243bb317bdccce849761fc302c0dd00
SHA512284602e1a4f1a6cdcda3edcd763cb212e2e98cc8329e24e059fde6cc49ef0d5bd9b3baa44c052d04b549008cc1c3caaa15762edebb02074413e634d06b71db4c