Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
08-05-2024 17:41
General
-
Target
2024-05-08_7cdad0577898b7348f20771ffa7058e4_mafia.exe
-
Size
411KB
-
MD5
7cdad0577898b7348f20771ffa7058e4
-
SHA1
91db22cf9e7e1eca81f4588afc8bca7476a7c37f
-
SHA256
29b04b3c2fac407f11bdd1575aa53568c4c0587c17a3c38011c8cdc8c03b8a33
-
SHA512
fcefe09262c573c3a1ae863eb0113d42c56f65c337b58d534c7119209529b8da8ce5097158ebd7cb92e31c7f899770238ea92a12a6ed9caf086d91b60ed7cdf3
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFgh+nlIAANQd/+OnWHFC08Cy+lerBYJFqHI:gZLolhNVyEunlHANW/7WHxLy+l2B2qHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-05-08_7cdad0577898b7348f20771ffa7058e4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-05-08_7cdad0577898b7348f20771ffa7058e4_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\44F8.tmp"C:\Users\Admin\AppData\Local\Temp\44F8.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-05-08_7cdad0577898b7348f20771ffa7058e4_mafia.exe 64806940E2B114A2D62D091F2A8B2DBB0111C50AAA3AE2B4ADA1B31942958F12071FC633471542BA4A43B9C26AEF555AF0CD7EA91174ECE60353113CC74B9DFD2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5ec211248a703bf04353b144d784162b2
SHA10941f93ce95dc1c3c4fc3427b27492b4fca3af14
SHA25669b99dba250ada50e2564e3f36d5b1cf2600077d39fb28dd886c93e58ceedf5e
SHA51246ccd0be216c7c8e22c47ba7f413e3ee6333cd077ce1d42ba420ee2682b4dd71e113e4436250c84e81311bc59613ad434c328a360356b182f798a65f6574c27c