Analysis
-
max time kernel
138s -
max time network
100s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
-
submitted
30/04/2024, 02:54
General
-
Target
2024-04-30_b0c9c45689cf7b6378690274fafab7a7_mafia.exe
-
Size
384KB
-
MD5
b0c9c45689cf7b6378690274fafab7a7
-
SHA1
bc5cf520f3981b159ce39ae59d3936d06988920b
-
SHA256
bb11104b206351f7171752d38443081aa3ba307c8382fae399e1b08c3262f925
-
SHA512
ebf5f02cb36690fad5ea6341d9a3be06d5ed0cdcd07fd7e246d82c9cb8d60a632ca49602b9509ac2a83cbf2844673f7193f287bdb9867062cfb935c3a2b84b12
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHrdIbtqVp/4q5CvIGe8xrCfVH9Z:Zm48gODxbzEbtqcG0brc9Z
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-30_b0c9c45689cf7b6378690274fafab7a7_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-30_b0c9c45689cf7b6378690274fafab7a7_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4AA5.tmp"C:\Users\Admin\AppData\Local\Temp\4AA5.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-30_b0c9c45689cf7b6378690274fafab7a7_mafia.exe FC095EC09B469532D495FE784D7D03708D0966F6C3CEB6552D74AC74B640EF27E698B87C3992630EBF7B8763C73A44E97036D1A2B62092C74EF42DFF218229BF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5a878c8a0de33869ba859ebcbbd25d521
SHA1a250c0eb12240cd645bb9df47e50ae61b7d526a2
SHA256628c781c60ea8e6144dddc5eda189a1d044721271a078adee384d0259b1eaf06
SHA51234246dad042b781672f4b8fb0621c6d94409f344cf786e2c579bb73ff735dd3d0af11a270cf9ea604297224373a647ccca03e41b2e305c4e7970ecce16e14446