Analysis
-
max time kernel
92s -
max time network
145s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
27/03/2024, 14:26
General
-
Target
2024-03-27_1e34aae46adae700c1c4f522b61f836a_mafia.exe
-
Size
412KB
-
MD5
1e34aae46adae700c1c4f522b61f836a
-
SHA1
37df8f73a071096cd49c543f826c56be5c1d2946
-
SHA256
fa219f369ac9845384a9871b3cc60f7a3f6bb444499d0d76bb55fa2621e548ca
-
SHA512
d67297812f6bc6dd24790ca0d948899ab20308f64b87c4180affdc97ca23964506aa46f18b8dfd8455a4dcaec4074a63c6da3956c7e6e7490ddcff0c86d518eb
-
SSDEEP
12288:U6PCrIc9kph53HweTQM/qnbdExFQTgzSj:U6QIcOh53Qe/+bd
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-27_1e34aae46adae700c1c4f522b61f836a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-27_1e34aae46adae700c1c4f522b61f836a_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5062.tmp"C:\Users\Admin\AppData\Local\Temp\5062.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-27_1e34aae46adae700c1c4f522b61f836a_mafia.exe 5B21346133855AEE7B2E997832BFED0BEE3284341B6387CBCCDEA7FECCC1D15E26B72E5D8957FC50D14CA6FEA4B704A429755393BD68D386A18C2B0DDE1EEFA52⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5e83b03f8f6006e5f0ab181c1d50dfc57
SHA1566118936bdd5e350b2f0f088a069c87f9449b4d
SHA256a7ed6c5b14fc9b273f5fdd56fdf8671197439346a2c7ce54c61e137793353842
SHA512aeca5eee67cc13f8c5434a421a5165cd4b6f0b5c87c71d9886d974658bbe36c83fa5d1bb94b09840c762088c92ea559633bcebd1517c83174a7e281672348f67