Analysis
-
max time kernel
138s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
07/03/2024, 06:30
General
-
Target
2024-03-07_72b68b5cb885b65d08d2cfaed5a378bb_mafia.exe
-
Size
412KB
-
MD5
72b68b5cb885b65d08d2cfaed5a378bb
-
SHA1
3d40c1d8ed9afd64ef5b9b642b8e10c1822a5046
-
SHA256
5af82e0db910d15a64a60401208332e168096ab3fb43c2aefebb2cddb06504e9
-
SHA512
ece6c556d3cd7e8516379811c4a40634d623c4b62b80260ddfd184bdcf5e5deaa8bd1ea0230033d6d2388d7b42907affb334a901ed53b0d65221f5081edfa3fb
-
SSDEEP
6144:UooTAQjKG3wDGAeIc9kphIoDZnzznc9ko1kqWnnAE7n1qi73jwJbsP:U6PCrIc9kph55znn9qWnnAkvUC
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-07_72b68b5cb885b65d08d2cfaed5a378bb_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-07_72b68b5cb885b65d08d2cfaed5a378bb_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5360.tmp"C:\Users\Admin\AppData\Local\Temp\5360.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-07_72b68b5cb885b65d08d2cfaed5a378bb_mafia.exe 4612E0864037DD458A0465473C4EC9CD68F237BA0A1BED12E9AF2AF6E7B304D432772CC000DDEDF04AF2F571457DE25FD775D79A72ADD74CC1522F323389279F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD51be5e744145966fbe1b1502e5fa628fb
SHA105752b4b139d79bb31ecb22e8abcc0f5287a01b0
SHA2560a3800f0246b89b270ff8b0bd5d30ea574aeac4277e184af9faec1378d4d2bc6
SHA512f39b589e5236ad5968caf0c584e4279df73f167ef401b0583b25d4dbe09fc53d7c51dd18a5fc490b082c4b15d85df3629d2f3eb21519bb04b8a200879e42dd0c