Analysis
-
max time kernel
149s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
25-04-2024 21:52
General
-
Target
2024-04-25_fc19f0578f8a6c83582d5d8dc08b8155_mafia.exe
-
Size
384KB
-
MD5
fc19f0578f8a6c83582d5d8dc08b8155
-
SHA1
ed0ad50e1eb60ecc77a008ea30943ea87eec962c
-
SHA256
43ef7490342a7176107f9683c15593e9f74bf1b1c02d59552af6cb012fc7f903
-
SHA512
8a02b8133b540550fc1456989913f17923173ba61c99248182316ad5ed9082c0933612ea0b01709dfc80f817cad41efd3f8d5416f99616af6fe7b0e8b544479a
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHYSZT3QTr2JfKe6X8JCtkUYzqfIXvtiZ:Zm48gODxbzu+TA87QWCuUyqfIsZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-25_fc19f0578f8a6c83582d5d8dc08b8155_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-25_fc19f0578f8a6c83582d5d8dc08b8155_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2FCA.tmp"C:\Users\Admin\AppData\Local\Temp\2FCA.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-25_fc19f0578f8a6c83582d5d8dc08b8155_mafia.exe DFEDC394AAAD54C48E293058550A05AFC479CA8AD2B8F6E56CDA44B70C34F4EDBB1FC33B07E5387B39532D2054DB1C63EE7D963A24868CCC2D904900E4A738422⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5f6a2be9ebf486f80b87691b5fc6109cd
SHA19035f8c3b3ed0fb5ce4c8d8cce6b66fcd6fbf790
SHA25656be09ef40f0ed3b800541dc7f47b2cf8fd7db72aaa2dceb191515e452c4190f
SHA5129cf57a880ec1151a86ec34d26a6c36f4b42aca75903d0b0f523dc69d18d86e731b2350b538bed49d7e082a7efa3f0c4e06c12784a192b484338787778fd75f77