Analysis
-
max time kernel
150s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
25/03/2024, 20:42
General
-
Target
2024-03-25_c42604be35694f6c3cf508c7df9cb5ff_mafia.exe
-
Size
412KB
-
MD5
c42604be35694f6c3cf508c7df9cb5ff
-
SHA1
5685594eab7294c8e6ec9a70ac87e9915f82f46d
-
SHA256
50c6b0bfdccf2511b84f0fdf4f752ad7834649d66f17173c6523fc3613c3b3a7
-
SHA512
6aa2ed93743026fe77785edbd2f7d0de2a48df7a724aa5dcab131343bb1d4a87c7e84d98a0ddb212b69decb3abd43761851efd50ecd976c656082247fe6cefbc
-
SSDEEP
12288:U6PCrIc9kph5QVSLyJ5IZp7H/Rx6CFnj:U6QIcOh5QVSDZx/6CFn
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-25_c42604be35694f6c3cf508c7df9cb5ff_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-25_c42604be35694f6c3cf508c7df9cb5ff_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2FCA.tmp"C:\Users\Admin\AppData\Local\Temp\2FCA.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-25_c42604be35694f6c3cf508c7df9cb5ff_mafia.exe 0B2BF559B806D466990EE26A49807B5F597585A3CEBEF02E5AB2E09ABC2AB4E333EDF694B8F24485FC2CA8F4DD621B6445B8BBB22822BEDF7C04D048F5E3AEFD2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5aef5931418f01ccbcb0bc1acb041cea3
SHA1b1eefe8bbf162fcc28ca0d042c7b79e8d4061183
SHA256a6f51a0228e9f6bc37ca9bc590b19d75983c809f0eea2d6bbab3b953796d5e05
SHA512f9a28754a6ef9c352747580773517eb4611516a960b91ae0a7655c672a76bb1a6dc3e2992603bf19aa9b0f174d18c61970b4d1d8c2e34e86f8b6d79bc432259b