Analysis
-
max time kernel
93s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
26/03/2024, 18:29
General
-
Target
2024-03-26_4b6d90be529a3db6d59a0f078d0dbd5e_mafia.exe
-
Size
411KB
-
MD5
4b6d90be529a3db6d59a0f078d0dbd5e
-
SHA1
1cf8d3145d6cdd24b36e9e1efcebf476cf7b8385
-
SHA256
9ba376116978f4cd1c8731a467469c2094ac41fe4b68c5bcac5edce0c08bf75c
-
SHA512
e8af34682945f07be9835ee33b13d153260dc1c6fafa8baa16f368c05fa9f421ee67fccbe1482825cac36ef1ae1f41d58d7a1ff52a3edc7fb38ac8b7ab91bdfb
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mF+lfQrWeFlEoIZAV7I0AKiua/WvDqHI:gZLolhNVyElfzeMoAAV7UH+7qHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-26_4b6d90be529a3db6d59a0f078d0dbd5e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-26_4b6d90be529a3db6d59a0f078d0dbd5e_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\562E.tmp"C:\Users\Admin\AppData\Local\Temp\562E.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-26_4b6d90be529a3db6d59a0f078d0dbd5e_mafia.exe F14F58720141E5D273BCA26BC067918A00ADE4F0BFF7AAEB83F8C89129BD000461F80E692EF528A40C62E745AA29E5972721ABC3DDCDCA8CE26B185C883909472⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5f7b8b50585da39904a302583b0f01c16
SHA194889fcfcf6e078565405dab5ef93a6d5e6f6e89
SHA256f5d76b0abf3e756ad2c4fe264615064ea934c21df6119ab28964f1446f8f9895
SHA512959df7ba2fe4b4b642b200c468e8f3986a3fe4cd9a12e0440641d8599ce2678c370368756696798e0ab6d3b7ba9279d992db852e8f31d10b40ca060dcf45ccf2