Analysis
-
max time kernel
144s -
max time network
128s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12/01/2024, 05:59
General
-
Target
2024-01-11_63180d3fdc5c604cfc1767633bc00818_mafia.exe
-
Size
384KB
-
MD5
63180d3fdc5c604cfc1767633bc00818
-
SHA1
8fb616dc5b3d861902e140324849669dc414578a
-
SHA256
71e66b4c027a32811e9e7ac6d6ffb1f06298b4b018ca40456df3a18373131391
-
SHA512
ca0295acc608a6df61219907d0b6e8bced4f2ff4bd8de27e49304cc98742f42de2e3e9fb3a51e23ba43a908817233be9fdad84385c9778a9338ec05d0fbc9c6b
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHXCPp6o4SNeEeo7SYrZ:Zm48gODxbz8Io/N2oZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-11_63180d3fdc5c604cfc1767633bc00818_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-11_63180d3fdc5c604cfc1767633bc00818_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5505.tmp"C:\Users\Admin\AppData\Local\Temp\5505.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-11_63180d3fdc5c604cfc1767633bc00818_mafia.exe 6E5C8AD97EA2E9B747D9EA9AA21269E1D3EA9D3DC6C51A706094AB1046800850900B2FCE1C753AE0E0B59CF66D68A56D18E129F74AE9D0DCAB305D06F28A0B2F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD54ee08f1a6070f7128149956db94e71dc
SHA10ea8fc1e9959903d7463e6e67525dc91ec25c391
SHA2562a92eedfb1821039ca4e9dee10d68720c80d9c7bd6dc2ae1274a8fe327d6045c
SHA51213a4c22b347c8c6fad6ffe2a275d07119662631b8f5c32dbfdd762c9035404f088b0ca41b8b024c9048f2ad370681fc5b41bbc9a120be198ec64df20a968a926