Analysis
-
max time kernel
150s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
07-03-2024 14:41
General
-
Target
2024-03-07_fab759fb2fe3afe954768961dab742d2_mafia.exe
-
Size
411KB
-
MD5
fab759fb2fe3afe954768961dab742d2
-
SHA1
007efa6dfa570dea5aa170bd1736c1414644e973
-
SHA256
fd768e179b4d7f1b2cd45a04a9a1c0267d6abd2bbc6389151ed2eeff97bd851f
-
SHA512
006616fe331294ff389cdfec89668f5f41edbb896ee7f19856e2a37d23c27a54b22cb6524023fc2379acb613edd3d2e57cdeef0791e126d4a8481a81856663b6
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mF8dIZTrsDT6pT36UcMEobz5jsEqHI:gZLolhNVyECfsPGzFcw5jsEqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-07_fab759fb2fe3afe954768961dab742d2_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-07_fab759fb2fe3afe954768961dab742d2_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4F49.tmp"C:\Users\Admin\AppData\Local\Temp\4F49.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-07_fab759fb2fe3afe954768961dab742d2_mafia.exe F9AD24ECFC53FEE15222EC0A89EF647C03DDC80FC046CCD226FF1DE653430C523201A3CD0229D8EB88BB2FBFF6104FABDC75BA008B2E2340339C3B89B4AFA0192⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD58b8be0d55978c0b716b842ef1e1f4fa3
SHA18c785c8273a98942be6bff3953e2300945c8cc6b
SHA256c218c04db1b77e73089e6a9e3006d8c6a01e7951baa6b3d939e499f3e7d0addb
SHA5120ceba8c081be805bfa12917464ddaccc2d98c8ef71aff74a88733c9b27313be0a403f2e2c71ba998f680bc27617977b083bea6bebe2e6984eec0e20ceeb447f0