Analysis
-
max time kernel
149s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
20/04/2024, 16:52
General
-
Target
2024-04-20_ad5245e6b7858a68628f597c8ce8625c_mafia.exe
-
Size
411KB
-
MD5
ad5245e6b7858a68628f597c8ce8625c
-
SHA1
7f118eaa57684737b3901e0dbd309c27a3d25edd
-
SHA256
f405b4c1d34c804b45596711b99170722bb5b9159ab61c9d98e5b1eba45d9ca3
-
SHA512
3938867a438dd79a546263c5a77c9c8199399fb5c16092cfd9d93f1ba6386950e1ca492352428390354e9331675d6a5ab32cf72255ead06e07b0550c4bf0699a
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFGr2L3JdeNIsD0lZTuwqDlDo/4S8K9lqHI:gZLolhNVyEprA3jeNqLPSmssqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-20_ad5245e6b7858a68628f597c8ce8625c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-20_ad5245e6b7858a68628f597c8ce8625c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3B05.tmp"C:\Users\Admin\AppData\Local\Temp\3B05.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-20_ad5245e6b7858a68628f597c8ce8625c_mafia.exe A27761B88830D62A1BAA09FE324310DBD65B34195CF5C874DDD975DD6BF8DCCD1EF00C30775512ABD6217A9C59DC8625792A6E3E5886DA47EDE65D88DE5A22A62⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD52ea45861ce192de8d1874ce9ccc26655
SHA1e0dc8c29086d06ac2ff047917a8921d16505963f
SHA256cee54857f21f875e5f913d71c529fe755e7e2bdde81a45c8f9903cf80dee5027
SHA5129df45b2b52fb482a61bf923b5ad3cb7e3fd7dea1fbcf5c6190dcdf68ee65acf1857926585bfa3b50b3ab04314d797e80366225397127b30464fd695d81969db9