Analysis
-
max time kernel
133s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
-
submitted
05/05/2024, 06:23
General
-
Target
2024-05-05_19d8cc49328e94f2b04449478e2e15e1_mafia.exe
-
Size
413KB
-
MD5
19d8cc49328e94f2b04449478e2e15e1
-
SHA1
c4c9af9722775f5601dd56bf769af1cb8d18e6df
-
SHA256
5c4717a700462d20912f63494694671eb77953ddae2ec4496551cd07074a8a29
-
SHA512
8fb0908ca53a8cf5e58fe40545e64f11f852fa1237cd250d68ff0e8c632cbada33b43360d7393e0421eda86c632663583b96a3c05b758b1f30580c6b0aa56e1b
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFBqeBLtK2fRFZ0q+jTBBvOZMBT2P9mfLTdOYxZqHg:gZLolhNVyEiBU2/ZB+jSZMpwYxZqHg
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-05-05_19d8cc49328e94f2b04449478e2e15e1_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-05-05_19d8cc49328e94f2b04449478e2e15e1_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2C01.tmp"C:\Users\Admin\AppData\Local\Temp\2C01.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-05-05_19d8cc49328e94f2b04449478e2e15e1_mafia.exe 84D47C267CFAF8B5D173B4AD10B10594D39DA620FC96B3629E4D5E047644C8C2A1A37FA3959AF34FBE1F6EAA875418FF7C5D9EC9C63D0BE5FB20EBACA0B44D532⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
413KB
MD5a6e5c34bfab536ee3c852cfca6df08fd
SHA127be9f73b64c4b2446f8e497d8e5a3f423af8816
SHA2564df515b11c1d34f1f6e4ca5c565f1c87f96e867cc87e249cde1857254fb7b924
SHA512969d9cfc9ae2cc3e9f473266dc6099152b28fa043121266eb86cfb0bf7cee47adddc5016ea7bf3a1a0b7679d155be05c28933e4b51d99a636f5096b8a639537b