Analysis
-
max time kernel
158s -
max time network
166s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
04-04-2024 22:24
General
-
Target
2024-04-04_23ed6ce043d41cb586caa574f241e58c_mafia.exe
-
Size
412KB
-
MD5
23ed6ce043d41cb586caa574f241e58c
-
SHA1
062306e86c41e0750fa71ca31cce186b0d8f4b16
-
SHA256
2c13c61898e1524b957537318b7910550fde1e557aabaf3637d3191c681c838d
-
SHA512
7a9581cbbf2466d1947eaa2fbb5209e6dfbdaa54da6eb3d0a2cf3ab9cd25c11ec8f828907d48d9ca153c7ddea2efdd8094b647a8bdedec403ff2290dc521f1d4
-
SSDEEP
12288:U6PCrIc9kph5DD54vnzPVA9prhzOfTx2prkPT:U6QIcOh5qfzPVA9pdzOgrk
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-04_23ed6ce043d41cb586caa574f241e58c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-04_23ed6ce043d41cb586caa574f241e58c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\D3BB.tmp"C:\Users\Admin\AppData\Local\Temp\D3BB.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-04_23ed6ce043d41cb586caa574f241e58c_mafia.exe E1D930A413DDE18C26FD0B6D2421FD5A0003D4099369D5F2B6489612456B1AF4739A9CAF35D7A026902FBEA10AE42E125CF88EC20BB214FB605BD647DEA815402⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5fd432e32530086a727153b980aa8244f
SHA163f6f5de377bc3ce9605ce12a672ee66dd084bfb
SHA25653bf52b4ee3c98610bcf06d50425fa28890befbfbc16dc19d3325be6cf1531fb
SHA512ce851e057f0ba758783722fd6e265922c462ac4a1292e6987d05a99bceacd05c2af68d0587dc33f2183a5f671932d38aa55711bbaf0e575a726014a820f3dee6