Analysis
-
max time kernel
146s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
12-03-2024 14:34
General
-
Target
2024-03-12_68407baa69247833bb8f3f6063a73a83_mafia.exe
-
Size
384KB
-
MD5
68407baa69247833bb8f3f6063a73a83
-
SHA1
2a840b49f6402376a3cad5d8f6dc2f25b1b2ba48
-
SHA256
e8a4aa690fcd4ed677a1c41264957ca814261886a5662afaff8c47ef6b3b7772
-
SHA512
e345888353a8dc0acd53d1f3eb19b16701fa0f54533c077b791c1ee5db86cd7c2493da15318e58d8835ab3d5908f373df6e47e2038a78ee552512d7a5f22c317
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHfKpEUwoCF7Kel5pdwtPNKwfvoMCZ:Zm48gODxbzStwoCF/vwlNKwCZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-12_68407baa69247833bb8f3f6063a73a83_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-12_68407baa69247833bb8f3f6063a73a83_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3BA1.tmp"C:\Users\Admin\AppData\Local\Temp\3BA1.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-12_68407baa69247833bb8f3f6063a73a83_mafia.exe 53DF638BBED4573C8DDC3C0FAD02CDBE541B505C1EE9A055B9BBF24BBD894A045C6310F58EB7FE76A49850AF6B96C4CC13D266BFE596C8BEFD47DE05D7B25D802⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD51de9c894d1032a696327a0640f68b811
SHA1c4cb271bba36605158c7697443d3c6c3df3dbb4b
SHA256e9817e0fff881041cface828ba32d72219de07d39ad424d8abc1ca0180d70a4a
SHA512bd533c2cfcc60739c2c06805db90fe147751da90a5b7910459f834e67d49376d5e2a3c6b2a8e12c8899334a383befa9a1c01542124cb7f55a4d9139a721ac123