Analysis
-
max time kernel
150s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
16/04/2024, 05:09
General
-
Target
2024-04-16_b4721d37290da7be53830d3d328cfa0f_mafia.exe
-
Size
413KB
-
MD5
b4721d37290da7be53830d3d328cfa0f
-
SHA1
2421f7be9c90b91e60173e12bf0cc5ed7e6c33b5
-
SHA256
4f06a87f44284c74a401d6e61cd08d952cc04dfd880368e2bba5a55f5d6bae90
-
SHA512
f912d88dbc9d69b5bb83b7eb6d4dbbdf9dcff0a0dee420cd2ae09f380e0aa476e51efafb2e58c94195830daa1f48cb9bb6f7359f331bf7d92054dc76b86c28ec
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFTo1WJfkZbROt+usUi1IZ06gt4NEqHg:gZLolhNVyEJ1keRUbZZEFqHg
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-16_b4721d37290da7be53830d3d328cfa0f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-16_b4721d37290da7be53830d3d328cfa0f_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2B65.tmp"C:\Users\Admin\AppData\Local\Temp\2B65.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-16_b4721d37290da7be53830d3d328cfa0f_mafia.exe BF2BEF916498D1C80F211AA34F529B5DDD5F5DA85DF94131F4863CC46E2F20FB65732FC25DE5C8A8B214A73351E2276F08EA82DEC89D6BBEEC96AE9CFAAF8FAA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
413KB
MD574f85838d665ff36d05edc7f7ea4d762
SHA1c769d260a2597f95606b240da2a6f30e0188bf69
SHA25681bb2e97547df6d305a0503e4e11c4a7df659597f93e250f4566972eaadd4024
SHA512de56bd9923e8fa890fbf6f090b3def5a4cbeafe6e8267c5a37dec6f13ffd4a8c09e0ed20a52c31cf936873809db1fa199fc938740183154cc7d2b33cb7c55f78