Analysis
-
max time kernel
160s -
max time network
174s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
05/01/2024, 05:39
General
-
Target
2024-01-01_22cc3bf2f1579af206be86bab18ad13f_mafia.exe
-
Size
411KB
-
MD5
22cc3bf2f1579af206be86bab18ad13f
-
SHA1
ad067fa3bc50ae18bbe35d7161fb3b3a7e782564
-
SHA256
1f7e8dc007ec3d3a68e0f0e54c24fa51f2028933935b6cbe56d6904202a95885
-
SHA512
56bcd7a428fb217f3c11be6ed88b271a38a8d31b3859ac3f8fd3d202df0c7116246af6761133c808fcd77ed1335390a021f4f0f77b6d8dcd83fffdcdd8cb8198
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFavZgZsafAbcCzZkyXPflvKwGknnNiPjqHI:gZLolhNVyE8eKGJlnGkNQjqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-01_22cc3bf2f1579af206be86bab18ad13f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-01_22cc3bf2f1579af206be86bab18ad13f_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7E62.tmp"C:\Users\Admin\AppData\Local\Temp\7E62.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-01_22cc3bf2f1579af206be86bab18ad13f_mafia.exe B4F1CAD2966796C2E8A0D591845B319BFD9767E4AEBD7F53766973F92334679188687B2B25CB5E39FEA780F377D83513DE3DDE6026429C308FD0442A4F3A77142⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5fe0b0a4e62f35db2421750b1eb718776
SHA1b9700eb943bfc22eb9478b7dc04e92b763ad811b
SHA25687ecd5c4b954e508a60ddfcebb05f91e1a572478538132570b6650fb058207f3
SHA512e570ee1cf4fc4989a81fc039d08b3a4511c3e87976d8440f553fd649587e1a82c0e2fcaac8174547494e113f3a0b43c1a0fe33e285e26f9fef58d27d101c77b7