Analysis
-
max time kernel
113s -
max time network
137s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
21-04-2024 04:45
General
-
Target
2024-04-21_3a32e75560b4661e3d676afab6e1eb8f_mafia.exe
-
Size
413KB
-
MD5
3a32e75560b4661e3d676afab6e1eb8f
-
SHA1
314735597c380fb06d7e72ec3db6c6f274dd7e35
-
SHA256
30a0bad885b95f77e440cb9298bb895030db5e15283c3efe06a33c299438737d
-
SHA512
798ddbc08e7180c1423b2f00e044215758552fffa0ac259c38e8cbadafa60c2e0fdabc4431fddcb37525b1a6e95a0a89eec41691547080a68bd83cfa8f9fe768
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFx7BQMDsyO713hqnWPcBytok19qHg:gZLolhNVyEmQMDsyOaHByCkDqHg
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-21_3a32e75560b4661e3d676afab6e1eb8f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-21_3a32e75560b4661e3d676afab6e1eb8f_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3086.tmp"C:\Users\Admin\AppData\Local\Temp\3086.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-21_3a32e75560b4661e3d676afab6e1eb8f_mafia.exe 2D2AB13CEE01309D71D8726E73809496D59C88104882BE056BB34B42E180F6CFF507C444A48E32F680BEFC45C6D6F9C2907613AD0ADE742F01710D2C47180B4C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
413KB
MD5de0710a780da4d3274274f745bcf8d65
SHA1b42c114160db0d1c1cb65675c54889f46c984e2b
SHA25682eb75a7b71528c7cce1e2baca4287093454fa27a2a2d74738375784e94d8cd0
SHA512e5bf21fd195fbbe48be6f173e64497a6214a01b7a584b1bffb11fd7d7d2a19ff1b0dc499fa301fe523c4b999c68d421ddd0508664207c527dc22b8e2644a1dc1