Analysis
-
max time kernel
180s -
max time network
182s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
10/01/2024, 06:02
General
-
Target
2024-01-09_d9728b6c486d91f9a1b574cc22e1fecb_mafia.exe
-
Size
412KB
-
MD5
d9728b6c486d91f9a1b574cc22e1fecb
-
SHA1
11d0c337aa9903646b30c4b84c35a28adc9d8840
-
SHA256
5ea8f49ca71957ce62891ae3e3b0683135e4e118c0c747f0e3ca91ed812b8a5d
-
SHA512
4a0f4285bcf772e89f1751eac8ed4ce0604abb0e80d16ad3e2e8e4a6ed5bf0d31ce49aa5ee213681a7209e293d2000a8bd1f2f71b34a3f2aac50b5feb0ce929b
-
SSDEEP
12288:U6PCrIc9kph57tZxxAp4S/S1yFD+PNXldPz:U6QIcOh57tK4nJ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-09_d9728b6c486d91f9a1b574cc22e1fecb_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-09_d9728b6c486d91f9a1b574cc22e1fecb_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\F770.tmp"C:\Users\Admin\AppData\Local\Temp\F770.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-09_d9728b6c486d91f9a1b574cc22e1fecb_mafia.exe D5BB0A93B73728E4CE29D1F76E7AD667A08ABE5204A512AF50DC7E2839C48CB68A1B90946B1674D739BA8ECCFEF14BF9C9594D779F2120B6A11D7696BCE69B942⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD59649cf701fa0ea9236e1ffe93482bde3
SHA1ac56085b4470a742d5721c1d9c1e93eb152e2a94
SHA2562a7a6b21eddf5e15b03a93704436b4fa7ffb487bdb92367b2d67b6a0cff0c85a
SHA512bc22b7150ee88c857be11dd932248e86bd0b9e0886cc88e5ab1823169b026fcc16b478c8b888a3d61aaa483ed516f3373289ff792a54336a76c860e8ba0a85f6