Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
18-03-2024 13:48
General
-
Target
2024-03-18_b0cb28f2da2fed1cd2ac2695904c225e_mafia.exe
-
Size
412KB
-
MD5
b0cb28f2da2fed1cd2ac2695904c225e
-
SHA1
cd853241956f3bc635a05811fcd0761e010c4a34
-
SHA256
56ea31235d41d2b70809dd016c37a38e36a154f790cf59af21bb7d65feb1733a
-
SHA512
26f595ec6aa0fa4b96579699c484da2de71158b188084aa0b9691a2f44c57c3abcf0b899e625666217291a3c2a9ba5ec88f3ddd2b5a5cde04124009e58af3278
-
SSDEEP
12288:U6PCrIc9kph5RK4Hokm2HL9b7J6pDxRyQMF:U6QIcOh5RK4Ikm2Hhb7J6pLyp
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-18_b0cb28f2da2fed1cd2ac2695904c225e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-18_b0cb28f2da2fed1cd2ac2695904c225e_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3420.tmp"C:\Users\Admin\AppData\Local\Temp\3420.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-18_b0cb28f2da2fed1cd2ac2695904c225e_mafia.exe A8F02C8DFAF2C998B8EF15F9924EC16E4A9ACF2293716A43BAA5085EA655F68DCD4AB7EDF4CB0D73F9AC874AB681B8C742672F0498D909663AC79783866749522⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD55a3cf5dc0abc212e8fb901b465c2bb0c
SHA1e6b33b63547aabd6188723a34ef7c9fef23aed93
SHA25681d61a98b7e471223473efaf0a24c1a757c830f86d332a0001bff2420c4a67b1
SHA512900d13aa7063c4ac62bcdd59f9eb3fa4d0f2cd849d278a7c5a16d27c6259c93a83149f9d6a6e9e4a1a867ca4f87739477222a97f5abef7b11e364196b2a14e82