Analysis
-
max time kernel
124s -
max time network
165s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
18-04-2024 12:26
General
-
Target
2024-04-18_12810be911076e6a12a4b7fabc55c466_mafia.exe
-
Size
384KB
-
MD5
12810be911076e6a12a4b7fabc55c466
-
SHA1
ba775278b298a2b4100715fef9359e034b8632dc
-
SHA256
4ce4304ce3f34ddd2cf911f0b0aff8e3eb0d6ec963d0fc7bc3c4187dccdb06cb
-
SHA512
60506e9ec57e147f1a6853bdb826f335f7e8f5196a29e8532820f9edbf0ed2ffd4b6fdb3b983c5836bb8ef72955981f98f60a69ea66451ff21f0d2812d823cf8
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHJwdB7ntFGCsCbRbRKDx4uG7aZ:Zm48gODxbzfwj7nDGClbxRWWaZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-18_12810be911076e6a12a4b7fabc55c466_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-18_12810be911076e6a12a4b7fabc55c466_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\176B.tmp"C:\Users\Admin\AppData\Local\Temp\176B.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-18_12810be911076e6a12a4b7fabc55c466_mafia.exe 37DA0529240B034CE8E0B7C499CB2DC9F4B1FB8EED70BC9C2A06E7D8E595BCE569402C21DA6164D8B0BE35B8F8FC65812C4473BB8B1E01DB11801B8BE78960562⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD59d6bab4bf38021cf45603738b013b476
SHA1806c0cd536875ae47d2f2e4ce2d1e53883c817bd
SHA256c757ca70704d0059bda82a387939ab12d76008fb7ab72af072ab355d32e9de46
SHA512e55a80497840b402389f282f42251516c4e532b87decf655561ee15f84fe828ba43d63de10f507936a1dacdfaa80e2e09667229cfbf3fc89825b30bebb22c76f