Analysis
-
max time kernel
149s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
19/03/2024, 16:53
General
-
Target
2024-03-19_bf76a8fea73b147155dd4837a8f87e97_mafia.exe
-
Size
411KB
-
MD5
bf76a8fea73b147155dd4837a8f87e97
-
SHA1
b60735603fd941ab50b69b335a1c4d3d0812337b
-
SHA256
39f6f21bd1250915d69912a1b594a8bc942d4e012ac6daa57772af83963a45d2
-
SHA512
f3321e70038e296932539c3b021d2e716bd61e4adce5676eb088cfe38502e914082ecbc67f9a2b4694fa0234d1dc8f55d9c20e91012a22fe7e83eb19f7f3f2df
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFDRWfHIDzhP/fC+b8KIY+4BzlxX02pHvqHI:gZLolhNVyEeW/2t/q+BI5YXXPqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-19_bf76a8fea73b147155dd4837a8f87e97_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-19_bf76a8fea73b147155dd4837a8f87e97_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\60DD.tmp"C:\Users\Admin\AppData\Local\Temp\60DD.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-19_bf76a8fea73b147155dd4837a8f87e97_mafia.exe 7D56AD2B8103AC11CAFE50D42429E28FE7D9C611BF35789A512A0AE1AF3997ED2835F72CE9E31815A3BA0926B8830B7D6932862DD6C3B0C01B8B6C44D56CE29F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5be0b388199a738e289989060428dff12
SHA14c2dfa3563f9338eacfaae0936ee3606895bf0f6
SHA256f560a22c848524ec0ac93c0164596bff40bd6f2025376a4ef572f5b2614433ab
SHA5123bfd3823ed187e6ed03ff26b5ad86f5356b9ee85b0f65b6af299a27e14ba6762d3a8d254f234ceaa8fea0a2af8e09a3df9d303f2276c95d138497ea5dd4dc6b2