Analysis
-
max time kernel
94s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
15/04/2024, 02:23
General
-
Target
2024-04-15_06d320a9f3da92628fee33dba38ec438_mafia.exe
-
Size
412KB
-
MD5
06d320a9f3da92628fee33dba38ec438
-
SHA1
7d82ed6502ee3b81794fe44ed1697df8cd6c8702
-
SHA256
d5a8fb994c837bb9427293b29a18b691f669cb77ad33bcf58ea14902cda26b07
-
SHA512
7eac8fa6051ba52ef59e6ad4ab6bfb83568c10633cbb51d58bd5cbce11be156c064b597b44ba7384df134b7fa481a2f0031c47cba589b0da3a91ed92cfc78a50
-
SSDEEP
6144:UooTAQjKG3wDGAeIc9kphIoDZntXJ9ktm4Br5lbjezKJ1IwbP:U6PCrIc9kph5DZ9ktpr59eYZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-15_06d320a9f3da92628fee33dba38ec438_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-15_06d320a9f3da92628fee33dba38ec438_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3ECE.tmp"C:\Users\Admin\AppData\Local\Temp\3ECE.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-15_06d320a9f3da92628fee33dba38ec438_mafia.exe F547FDF3DB882DFE1616FA750C65991F033B7ADB9DEF69F6A8C2C6C678549693C2EB54129D363AF380233B234DDCEA1BE2E3DEBE4B6EEA82CE15777FB94151312⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5a483d2fb7ed538a2a20907c1263b4efd
SHA1ecb14237c1bee829e8582e570f7ff5564c4a27c9
SHA256cff94a9636b37378f05855d6cc15a2336f8f05a49a09d2a93a69ddf8c2a8f472
SHA512fa7b8beeed1d8b683d03df6e484b26877e0bf743cd05d2b10efca84bf98ed9a329846bb58b017e094514f8591296ba1fd5d003d2ca5dcdb7cc2c9cbc4f640026