Analysis
-
max time kernel
92s -
max time network
100s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
-
submitted
28/05/2024, 10:32
General
-
Target
2024-05-28_7c62d79509e3939ef3cb5c4f2816db40_mafia.exe
-
Size
411KB
-
MD5
7c62d79509e3939ef3cb5c4f2816db40
-
SHA1
cb98d9187ff002068f13a3ad5a8d8630cbfdf531
-
SHA256
2e2bd861f0460323c07dd53a3f11f0d1f80a74beec087c81de0cacf362697336
-
SHA512
069dc9bff28016fa5a9463dfde1beb0fe60e56be6ed1b0404ee41848a9af36458467f5cb14091acc3eaa4ef6d6dd674eccc1ccd74ac73634223e714dfccdfafb
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFlppaiiYMa6wSVsNwBdt1eJg0xPjqHI:gZLolhNVyEg8iiWSVsNSdt1OvjqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-05-28_7c62d79509e3939ef3cb5c4f2816db40_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-05-28_7c62d79509e3939ef3cb5c4f2816db40_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\348D.tmp"C:\Users\Admin\AppData\Local\Temp\348D.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-05-28_7c62d79509e3939ef3cb5c4f2816db40_mafia.exe D0AF33542BDD24CCBDB89B937B56D9433FDD25E5AB16CE31DA79EE79FD90DF02776EF58F03AC44988B31A32587503E9729B0AC9BB578A43DFD3005A924910C0E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD59ce2f4f0d0369c3f2126bf1b4a47dc10
SHA1528d108005c66d40996ee144dc2234136317d38c
SHA256702a32e067cd941babcb632e554c186329cc08cde544ec7197feca5b6ca4a209
SHA51260de9177095e3aa0a64fc263fcc5571cea5a89189a6bb94acaa7444cb019953c68820fca17021e5bb05370bb98f9a9625e9ef1173ce7b7f3611941570ff31268