Analysis
-
max time kernel
141s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
10-01-2024 05:50
General
-
Target
2024-01-09_19bb14a793ee709cf9735072c26a99db_mafia.exe
-
Size
411KB
-
MD5
19bb14a793ee709cf9735072c26a99db
-
SHA1
9ee6db78d5d60c3053af3ff5f0e5f1bd2bd30997
-
SHA256
721417636fce64c7c6af14e8a06b9be50a827803db9b65e930d1dcf888b3ea59
-
SHA512
92354fa732b66e7e9c7963a9d2dfbf15faade0ebcb4aca83b5b521d05273f934a6c4c7aba305d1c7263be0c1812d2a633c3fca0ebef9567c1c084fe9f3b3fc88
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFJShtXRuXVQ54lGztcogm2cZmnqH:gZLolhNVyE5hAVQ5dzucZOqH
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-09_19bb14a793ee709cf9735072c26a99db_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-09_19bb14a793ee709cf9735072c26a99db_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3A0B.tmp"C:\Users\Admin\AppData\Local\Temp\3A0B.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-09_19bb14a793ee709cf9735072c26a99db_mafia.exe 014143052B988C01A32891CA8314C4F6B0FAC2029FDC305E39F47C2040A6D605DBEEEDC1673969A0C0C959A8146B0121DEB9B64AFFFDED69B52ADFF41722BF952⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
92KB
MD52fb5d10d87b9a6d20b3a8bbe5734ddfb
SHA1812be4dc018acda03a73a54d6bc4e7af4f4fa6dd
SHA25667ae0444e184a8f9d694098a4a880ba8b50487d00844f53931187fd96b5056e8
SHA5121da0346458d927d93e9c220642593087fbcec9684680be70236ba74523481e5aaae49d48e271c023d13d32d3cc726f200da2cfe151ee255d61f75d332c04a430