Analysis
-
max time kernel
148s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12/01/2024, 05:58
General
-
Target
2024-01-11_4d29c765e9431577d99e02e4192acbe6_mafia.exe
-
Size
412KB
-
MD5
4d29c765e9431577d99e02e4192acbe6
-
SHA1
8e086d0a4872f9441630c2b112170f23bb992fcf
-
SHA256
96b77bd1ba5e0340133289c5c38fbf4533984e9b9703b4f0254205471363a4d5
-
SHA512
8191b4d7665a019e83439d7ec1b89f9241d0d72aa0616002873663cd2c14300760241ab1c595bba252ecbb192931582d31b4d5729d2fffec66360cd8ec8e2693
-
SSDEEP
12288:U6PCrIc9kph5hqXDcoRXTRGTEm3Ugiij:U6QIcOh52DcqwTlE
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-11_4d29c765e9431577d99e02e4192acbe6_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-11_4d29c765e9431577d99e02e4192acbe6_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\67C2.tmp"C:\Users\Admin\AppData\Local\Temp\67C2.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-11_4d29c765e9431577d99e02e4192acbe6_mafia.exe F1B0E85ECB31021484AF1228926D36A566F290F7065CA1DC433E4B6903CEE53F94FBE858B435D2104D07A59CCF0D1D2308496402299172CA912A0C4DD2315B482⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5824ffd7bb376c647665f9ef6f900ec36
SHA172f780118f5e796b2e02e5fd67f9bd29387f414c
SHA25642d46a50ffc675e4893da8ffc7146306cf2add3e1b27beb350b5eedea8f1bd52
SHA512a8afbb4782403cc8b1e427508b185cdda982cab22852ee5ee383d0a9ade474f0dec08438b1fd002f7edea13bb3919f30d5ebcd231fa87318ed3a301dc9e1fef4