Analysis
-
max time kernel
146s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
21/04/2024, 09:33
General
-
Target
2024-04-21_7b148defaabdcbd93d591c0128176036_mafia.exe
-
Size
412KB
-
MD5
7b148defaabdcbd93d591c0128176036
-
SHA1
a0a8445823093770daceff8f7541ea5b9934a326
-
SHA256
c2f161fde0d96093b251d94384b4d88eb78f3c7f4e855876979852cb92bfbe4a
-
SHA512
f2b3954b9519f09a8f4a0df7b18aa97e02534bd22cac69526c8d9457fb3acc3d47866d88b413c3c0a2957c2e814cd19e3de23061fd006e7a58f2f324377ffeb8
-
SSDEEP
12288:U6PCrIc9kph5hRp0yh0f1BEpb+2qlKNI:U6QIcOh5nSyh01BM+2qlKN
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-21_7b148defaabdcbd93d591c0128176036_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-21_7b148defaabdcbd93d591c0128176036_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\37AA.tmp"C:\Users\Admin\AppData\Local\Temp\37AA.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-21_7b148defaabdcbd93d591c0128176036_mafia.exe 278909E255CAEA062CCAD764E2527F1AC210F6D982522C085D2D0255FC694B916E05C7710A8FE183CE590C47A166886346C26AF6E1812FADF9AE81BA4552813B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5ac12b0ecd683a766e443c387be852147
SHA1b888b3dd4a945fd6e4d79228b584113d1094d4c7
SHA2561b2245c1362854f9ea3a96ec9ae68cbc6f789a0d7bf2fbf513c3a6c0363bee93
SHA5122d30c004a08849ee1372234bd21bb84c6b375c221787eee538ed7baa2afa6f42183b3a11b318b25c8ce26ea6dad1a87a149e7c1f295da53da9b18bb9324fc48c