Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
04/04/2024, 20:37
General
-
Target
2024-04-04_d264a2063419ca532893f7206744fc7b_mafia.exe
-
Size
428KB
-
MD5
d264a2063419ca532893f7206744fc7b
-
SHA1
021ff132760ef3691825021e4ff979fac615b7b3
-
SHA256
92ecd33e572c7cb92caad6d6adc18b3ca1f549fc56c16ab2b0198f7f7f36e9c5
-
SHA512
e1825194fa80259deece66a416fbc78ad02d350a604543c00411166c4b477d9261d39bed9c977d4933c411aaabaffe192918036a31eb70f873f2760f184901fe
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFQULz8WgJkgA9Y0+i2qOwSkm86nYl/wpqHR:gZLolhNVyEELz8NboSkYpqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-04_d264a2063419ca532893f7206744fc7b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-04_d264a2063419ca532893f7206744fc7b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\378B.tmp"C:\Users\Admin\AppData\Local\Temp\378B.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-04_d264a2063419ca532893f7206744fc7b_mafia.exe 452B6FF804409B731F705910661EB0902AE7BAA01E44B9697F508C2E4E0D79483DB55C079D18A3126FCB6B67639E6EE9308D4ADA37A0094C739157B75CE99AB92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5f61c30ba6f3f0b7acf2f0cc0f2b2fe29
SHA179eb0a3e761f136a8fe6452620b1e812ec7ab22d
SHA2565f2768f70c10232ff1852e9bc83c6ae97e3b2687760881cf7e45a78420860142
SHA512bd50c3807791244abf3f4ef1ef90aeacd8bbc4f4eadde67579cc51f42ca570a8f7c117e56238c9f5ca51303d4017a691f65e21240519f51edb25c5a2b22bd878