Analysis
-
max time kernel
94s -
max time network
113s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
18/04/2024, 07:44
General
-
Target
2024-04-18_7aa13040979e689429fdaf04f710e0ea_mafia.exe
-
Size
412KB
-
MD5
7aa13040979e689429fdaf04f710e0ea
-
SHA1
c56756c9b5582a8630a6e938fd3514d3d57d40a3
-
SHA256
a6a8072e55eadfaf592f4034ac0f1abfaf29bb233848fe82330bb8e50821ab51
-
SHA512
b96a59014f5c4a867aabf961918c26e6740ea9253ad039895da64aabb9b3a62686f4131fa36d950bc1ec8e749444cfaa00c8324ae665f5b94eaf2adc681b98b9
-
SSDEEP
6144:UooTAQjKG3wDGAeIc9kphIoDZngIBYoOC9Y7ei12Un6g211o6UZLGhfLVtoP:U6PCrIc9kph5SuYoTWF18g216d
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-18_7aa13040979e689429fdaf04f710e0ea_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-18_7aa13040979e689429fdaf04f710e0ea_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3652.tmp"C:\Users\Admin\AppData\Local\Temp\3652.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-18_7aa13040979e689429fdaf04f710e0ea_mafia.exe D2E813A462F5CF8C7B5613305A982082F0E35DBA19DE3004BA8F18241F3C69AD787BA491D0CA01060E5332A44C6C54E7C7A1B1C36B1B097A85B09A539EED3DB42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD54d79d8f03c46206e2f916ce0753b5c4c
SHA1a9aa7cc14ff1101a31b22397e5ceef3cb0c6fcaf
SHA2564a5489da7ec72e7b1de363ae2cf1f969278720fb4b433bdd289234626f9879af
SHA5121077ad7f266054ebf4451bafa38364b85cb2fef585b2a6a49c615137d9fb00b7d2dc175b03aa3d494e1042b86395d50525bdba49dbf09db21f2de94d3bf896b6