Analysis
-
max time kernel
133s -
max time network
122s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
-
submitted
07/05/2024, 00:52
General
-
Target
2024-05-07_7cef2552e93938de53a7e55faa66f311_mafia.exe
-
Size
428KB
-
MD5
7cef2552e93938de53a7e55faa66f311
-
SHA1
cfe809c297d0e60f073039e3a7e1a09f60d1c066
-
SHA256
71f3941e516d100854868112370dd1755221efbb80b69dfa47f3e734e1d0e649
-
SHA512
6fa3bcf8b665f6ce8aa1f10d69d6a82585b71d7f328800a696ef14593dd2325ff7998cd29eb6e9a13676f8b2dfb38e0a8690313f860793d079233181ed7d13a5
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFPrjnVaJFBfhkBmMyMovgqHR:gZLolhNVyEsPnVMhgqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-05-07_7cef2552e93938de53a7e55faa66f311_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-05-07_7cef2552e93938de53a7e55faa66f311_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3B63.tmp"C:\Users\Admin\AppData\Local\Temp\3B63.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-05-07_7cef2552e93938de53a7e55faa66f311_mafia.exe 949698B76694A8904C873044A080DBA3B58737018895574DD8D53B1511A4AA923DBE3D0EE3388BE90D58BE9DEA1E2884E0B0215170DD29549F29775F8BFCFCCA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD56a46c3fb6904618612bb50d36734f51e
SHA148581b10424adf79f3a1c7944294c77c1cce4a6d
SHA2567dc11b652c14a121273c55c27897c3daa421009721e76c43a4923d1fcdceb715
SHA512b8107ebe8bed6625e1748266d2b75416d18fc6e967de40b7b9f808475bbaf5200d3371d3d6961e9d231bfae6adf04f24316a37b4f42b214c986e42bb22ed4f6d