Analysis
-
max time kernel
172s -
max time network
176s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
10-01-2024 06:00
General
-
Target
2024-01-09_b1f4574b75309055d6bfcd8d0a806839_mafia.exe
-
Size
411KB
-
MD5
b1f4574b75309055d6bfcd8d0a806839
-
SHA1
3d2fb3896d9ff8c0b7f8ecc190d55724530fe858
-
SHA256
91d74e589a1f6c3c60810889de44542537219c69897e5cc67c2bf5425470fcf3
-
SHA512
18b8c17fc05d0013ae73511d85795f08aab6bd8606138394b35d56d514d035be610b5467868da2667631b3982d8168092f72f93d83b1b6780027eb3471600d91
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFw8wM7XrQXBsvOjecaP23eWEqHI:gZLolhNVyEz67XrQWOjecaPqeWEqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-09_b1f4574b75309055d6bfcd8d0a806839_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-09_b1f4574b75309055d6bfcd8d0a806839_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\EE77.tmp"C:\Users\Admin\AppData\Local\Temp\EE77.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-09_b1f4574b75309055d6bfcd8d0a806839_mafia.exe 74610D77BDEED63AC2689EDF55C24D93DA76220ECC5FBD0E4070516955D0A29691B3FC61E90BCA1F9C33932F5131E7A38F0DA0B4F23289946AAB764E4E58DECC2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5168c1d277087d0fe1860d08ed9bd5709
SHA174611f0e617e55e8924d90dac7b62c7a50af6660
SHA256b6ffc41718d552d5ab65a9f92ac2ba8e43ad53bd13c514093b90e2be27562d19
SHA5124dd8b241e392c1aeb2425d93c62be93645eaf8a24a082c66d3a57e5509206683f69155c3da0db42ed03b470d582c76290454d3ca194610cce39e8ae83363119c