Analysis
-
max time kernel
93s -
max time network
112s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
15/04/2024, 05:45
General
-
Target
2024-04-15_4206d9eedc0ca9ec78af598fe8232b8d_mafia.exe
-
Size
428KB
-
MD5
4206d9eedc0ca9ec78af598fe8232b8d
-
SHA1
dbe6aaeedca351277f8306d484f41e009aa97b92
-
SHA256
cc1ad04adedc8a3d50257b8d37abaa559612e48d311e9a07319cb09c55781de7
-
SHA512
f4ae9657114230099adac9d82c45a4f87780a25bed4a06e2b22b3b7adf9a916f9567f2479dea32ffd80d3b24a6fa2454b8c0cb2058d5e55c67b63ee7e88629b8
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mF+L0AJLec2VaAM9qmj7ZJEFaYpH8xL3qHR:gZLolhNVyE7wAJ2wfZJEbxmL3qHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-15_4206d9eedc0ca9ec78af598fe8232b8d_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-15_4206d9eedc0ca9ec78af598fe8232b8d_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2C21.tmp"C:\Users\Admin\AppData\Local\Temp\2C21.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-15_4206d9eedc0ca9ec78af598fe8232b8d_mafia.exe C55976FB53F426EEBAF1F5F1D0BF24FC09217C252057AA42C538DD7D38A130EEAF46352CB3AF153F83613B5B8239626F94E03982AC3D71E11F721AD8FC9F8F6F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5a47e938de6d7ccb28ae881038318d633
SHA1961fe744d610959407f7dd34af8f7354fd1dda1e
SHA256fba083884a7fb1146c381b01ef387452839de515a67b7d0ec7040436d6d5e3b7
SHA512b2c5e4d5c96e0aa6e2624d8d73e1a11c04799e8b852ced53b6acd60be20cfd459a26f8fe042ac6d1aa0f136b27654701f21f86bdac71662171534492f5c85222