Analysis
-
max time kernel
147s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
20/06/2024, 06:52
General
-
Target
2024-06-20_e8d12e64c83c74912e2b09ac228347ba_mafia.exe
-
Size
411KB
-
MD5
e8d12e64c83c74912e2b09ac228347ba
-
SHA1
6ca86fe4e0bc23b0c5e5c91b540cbc848847deea
-
SHA256
4c48cdad326d41598ff54254e91c86fea5505bb48584e6dc01eaa38d8877c81a
-
SHA512
d3400a04837e22b6b0f8da367221fec499f12e889edb513080b0a1c645de1443f0dd875f3e06757cc220b097a8708d57f88a0f2256ce4cf329409a8f0da4e1c3
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFZXjCIBLGj+T5NQgP9tmRuMoSd4+yZWqHI:gZLolhNVyE6jCQL8M518uMoSd4+yQqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-06-20_e8d12e64c83c74912e2b09ac228347ba_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-06-20_e8d12e64c83c74912e2b09ac228347ba_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4035.tmp"C:\Users\Admin\AppData\Local\Temp\4035.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-06-20_e8d12e64c83c74912e2b09ac228347ba_mafia.exe EB9AFE07A0E5213714DD05BDF6A7FEFBAFA86431658116B84FD8109A8D1E80B5DC354164D4D4D63C1D4FD03EB359FB6C76182C7F1BF9B4B4D8BE653ADE5874362⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD54ecac266a8ebd8322b69e9657c687fd7
SHA177640e6b9ecf676f8423fa45b427297f999e3112
SHA256f4dc4918320ba6262afe251cb2bb4e4cba010cbd18267dd49b853afc054bb78c
SHA51247804e8753b81760a7b312ca61f32e71ae62a61fee5b0b0c4b9f8dffd4854fc42730a9f5f2f984cc01b84052765f82c04973f225e57e6ff36fe17689b343e183