Analysis
-
max time kernel
134s -
max time network
106s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
-
submitted
15-05-2024 15:44
General
-
Target
2024-05-15_528e59885bb95f63f577ce0507ca35a9_mafia.exe
-
Size
413KB
-
MD5
528e59885bb95f63f577ce0507ca35a9
-
SHA1
8172f7188c28560f6c31a07ae099e1eaf172b692
-
SHA256
0b559775c18b055366ae413b93272affc9743f74473fde359947f4a6317820f8
-
SHA512
853b6991f047dd63a37b35866577cd0f490ac03ed1cb630ffbb483420b6bfcb479ee2878c8afadcfea0a750cd7a7763b4fb6e9a01be4e643325fb6d7ff9e5f37
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFNoO2J+ptibtX8er/V7ahU8q+7CMWol54qHg:gZLolhNVyECtiRX8ebhL8FCMPl54qHg
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-05-15_528e59885bb95f63f577ce0507ca35a9_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-05-15_528e59885bb95f63f577ce0507ca35a9_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\467F.tmp"C:\Users\Admin\AppData\Local\Temp\467F.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-05-15_528e59885bb95f63f577ce0507ca35a9_mafia.exe E6AF54A089B0FEEE5B777932803564934163D1ED449F73D865767C3FE72367ED598263B79CD812FDCBA1DB0318BD28A6996AB94AD1E79B92F82AE2A8AAAFD0A42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
413KB
MD5db7ff233b19a88e51b2502aff4a1a803
SHA127bfcd4a3068fa6a53edec1e7337d7adc3599bed
SHA256e502043de7624898ebb0261bb0cd54859c950fbbedcac37eb2462eba3ee27bbd
SHA512ed4984564c87eaf90a77427afd71769ffa35c7bd7eb4ebb2986c9d4557ce03b47cfa8b26469124b37e868ee6457cae645cb9a418704285fa41d3ff39181132e5