Analysis
-
max time kernel
150s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
09/03/2024, 03:06
General
-
Target
2024-03-09_e72593418f57c970cf70ad3fc2c31db4_mafia.exe
-
Size
411KB
-
MD5
e72593418f57c970cf70ad3fc2c31db4
-
SHA1
e6b5b23906f6309f553cca4fd47cf9fccc19dd4d
-
SHA256
ea9ee0c8206525a06d69fbf7ad880188e5c3c172db28fcee20faa0a12ace33cf
-
SHA512
e377358806c2778bf8391bdd4cfda09c6ae1e0613784b64c896516fd8a62aa2f59eb2f37321475f87aa19b4b9c02722a4a752ee9e0b4634df97e5a12acfb5c32
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFPfgjX+5q9+qxRO8HMxTh+ysq8iO8cZg1Y5QSqHI:gZLolhNVyEifgj8ug8sxTweZcSsqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-09_e72593418f57c970cf70ad3fc2c31db4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-09_e72593418f57c970cf70ad3fc2c31db4_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\412F.tmp"C:\Users\Admin\AppData\Local\Temp\412F.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-09_e72593418f57c970cf70ad3fc2c31db4_mafia.exe 35559EF04B5ED2677F485C963A5AA228DD6EC69D10F01C142B481D2D3657C18611859D379404190966524D4E332736D78167FDA1016F9E0D598B26A9F672E2B12⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD53548dd39e4d94b59c797794648684f6c
SHA1745b6ae05440563450af0a6416c37722d33d7af7
SHA25685e1754295664769961f653e4019330717d5df3be3e79375552dd963b50ab1dc
SHA5126a19ba3d857e0473d062f2f3c2b1a57d58f6605a6bf847efec4d6d35cb57908ac813f26620e1d3607c3fecff0ca3dceb8cf02f0a48e1b19d58c650f7a8efb8a4