Analysis
-
max time kernel
150s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
-
submitted
07/05/2024, 00:56
General
-
Target
2024-05-07_b25009223fd22531ea320eb6ed9394b0_mafia.exe
-
Size
413KB
-
MD5
b25009223fd22531ea320eb6ed9394b0
-
SHA1
2f7ce3e3c78ab8ac9d5672c6e0f96af8da804aa3
-
SHA256
2b94bdb356788a611bf15eb1304bd3afdde798cb08c594e8def7002be78a3a5c
-
SHA512
bde1a20556bab6339c955d05df2bdbadc5117f1aa406f701ec2c9404715e0c01a3703e33fb4b77ef0da6cd96f0b3bfeac55debc8a5d866d6f53e71ad68804967
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFXWa+sija22LCW3iqEQOlkathaiYN6KqHg:gZLolhNVyEcH5iC3rvO+IhamKqHg
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-05-07_b25009223fd22531ea320eb6ed9394b0_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-05-07_b25009223fd22531ea320eb6ed9394b0_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\514C.tmp"C:\Users\Admin\AppData\Local\Temp\514C.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-05-07_b25009223fd22531ea320eb6ed9394b0_mafia.exe 210B41988F6B80F1033B19128F09BCA9A68B109CD5EC876083A8BDCC20C95CD626BA986312B85E76432CA2A6A3D3CD0C1D65B441E974B9ECC55EEBF1E3FC8FDC2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
413KB
MD58590bfdfe12c31d7d622240058eaaabc
SHA13cf0d9bb3b40888a72712adc71229acce1e42243
SHA256235a1224529d9f04050c22d87db1a8206069ee317612143d04f6a25059aaddd9
SHA5124484c33216ddf0391e25c9c9ddb37e66dec0a8856e6d1d64d5d2717f57cc25ee774331fe3316b4d6abd195a31aeada7bc7f3ae272fc5afc1072d627b37e6b4f6