Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240704-en -
resource tags
-
submitted
04/07/2024, 20:40
General
-
Target
2024-07-04_ccbba30a6e521702272d389a6e38f0c4_mafia.exe
-
Size
413KB
-
MD5
ccbba30a6e521702272d389a6e38f0c4
-
SHA1
fbad6f8b602ad8a7d21b7d73df526f18a0240c05
-
SHA256
3760ada13086acf2e6afd1a411e5dae94635474dcf0c683d5f7ecd9c95695817
-
SHA512
9afe9af89270702516e433bf45fc950b3069f59ae251c888a21118a40afe13bcf1331d192119ddd982ba1c5e4c34b639693d8257807006d1d0e142b1b79a6de7
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFbabfjm3oq7QLMejJrh0H8cQQUbUkOQeKvfqHg:gZLolhNVyEI+bOoqUvVwDRsnqHg
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-07-04_ccbba30a6e521702272d389a6e38f0c4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-07-04_ccbba30a6e521702272d389a6e38f0c4_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\C563.tmp"C:\Users\Admin\AppData\Local\Temp\C563.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-07-04_ccbba30a6e521702272d389a6e38f0c4_mafia.exe 9C209D2ED6705619FD1EF430120D7BAAD9C84A46621CC4D08423CD6144E1B58A0CE7E59C04B2F3B501F0C31E39D54E9B1171A4F3E70A08EBAA78E7E03F7386A62⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
413KB
MD574acf7130f6189aec92757ec1ec319e2
SHA1115a92b26f5366482ddc7bd63f1a062de0308086
SHA2567b511c47f9313203e051425493cf48f5e0257bd449890c232c10a8b6b12eabcf
SHA51242ceb7c6935365ab5291d766f2a6eb854c350b5b740d7e16d6366252363b51e73a46d799ca65c7fcc25972f8256c952345d3d6afc54f3b96cc09601842d74f74