Analysis
-
max time kernel
148s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
16/04/2024, 17:28
General
-
Target
2024-04-16_5a69939fbafec1d30787892413a1f1f5_mafia.exe
-
Size
411KB
-
MD5
5a69939fbafec1d30787892413a1f1f5
-
SHA1
2816de03a51154c8e26c1f1bf14ea0a297d171aa
-
SHA256
bda45407d060b587cb3fbb95e320130079942fe99e04831209ef52fbba07babe
-
SHA512
325a68680de075302adee33a8e8a0d63d46e08fe041de63b5e35d21dc5ac2f907ad29ac59901f329cfaac21229b5dd9b410b35f57cacf97bc095fe65ce3850d2
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFpPuNUrOdIucf0/TTdjs8rUE6qHI:gZLolhNVyEiieM/fSCmqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-16_5a69939fbafec1d30787892413a1f1f5_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-16_5a69939fbafec1d30787892413a1f1f5_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7D8C.tmp"C:\Users\Admin\AppData\Local\Temp\7D8C.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-16_5a69939fbafec1d30787892413a1f1f5_mafia.exe 74A80B409D0AE6A1284E08B23471120A41F2220FDACB45D6913E8C63921D241EE68B1FC1F42BC8C263FAFE65D1D3B6B042C2C6DED58D1D5FBF372F10594E0F162⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5df2e03473f539a4fa5e95841a96a3535
SHA12373724982ce01e96f4a11ec8815d6027a03e2f5
SHA25642640519e56ed93f3ed91065d9023c6b24054ad29c2bfede6866bd2e2d3f3989
SHA51247d008a6777b7a607b0c98014be4be8feeca736dc3fa9cf0e5a6c1ac36d36088cb5f0e73c52da045cfdaee49be8af26f75b731d44c518a0a07590a0faa56224e