Analysis
-
max time kernel
92s -
max time network
135s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
16-04-2024 05:27
General
-
Target
2024-04-16_f1bf16f85382c29ba25b19c8bba3d33f_mafia.exe
-
Size
384KB
-
MD5
f1bf16f85382c29ba25b19c8bba3d33f
-
SHA1
aaf5db6c7d21d2969d572962a55e2bf4c454ef27
-
SHA256
682ad93034e25c18ea9ef14ca113e9edd0057dd6a01d5645e0cda4ea8462dd78
-
SHA512
e6e437b76f719ccf1dc8579e9bfcfbf8df4a7693970bd38b08f384b67d94cf8f9659b262514fe282b7355c63e641450fad833c66d4441fbfec0911bffc8d77c6
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHs2UB8e2GuX1SEmlkUwqidMauw6VXNZ:Zm48gODxbzhU8lGuX1RmXwdMNwaXNZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-16_f1bf16f85382c29ba25b19c8bba3d33f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-16_f1bf16f85382c29ba25b19c8bba3d33f_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7CB2.tmp"C:\Users\Admin\AppData\Local\Temp\7CB2.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-16_f1bf16f85382c29ba25b19c8bba3d33f_mafia.exe D5400FEB255044994247843995543FFF7E911B21768CD368FDF9B15FD223A9D222CD3175E67B6086F0EE9535FC01EDABD4B716CD664D527BDC5FA721BBBF77D42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5d4e494b74344455fed230a026842691c
SHA1bb1072cd4695b5427b8b401e0dfa3f1f9e4d5803
SHA25667f4abb20809c016b022e53cd1437dd9cfe17be5967dc8aea411841ffe4a2f20
SHA5128828777b006650af6eb7e01f00b2aec6b58dfe1e65d1968191fb43ca507618af4576605f93a035e41007ee5a2dde69278ef9077c6aff9d12b83297a562d7ac24