Analysis
-
max time kernel
144s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
28-01-2024 12:23
General
-
Target
2024-01-28_15d0e1b600bc1504b0ddf177958e09fe_mafia.exe
-
Size
412KB
-
MD5
15d0e1b600bc1504b0ddf177958e09fe
-
SHA1
2d95f617474e42280fb70b8d2bed1a6371a84eaf
-
SHA256
9415357ace06e6adefa4dc1c3908acb9c3d92d8839ed0d274988a0636382da35
-
SHA512
b3a53ba3d560b7d0da9c87608a09ebf9b5e6bf6c92f66991ae31825cffa2a9d7788031905ef7c629d84352c7c9d63f28fbb455fffda38263825e55d7ac8ba629
-
SSDEEP
6144:UooTAQjKG3wDGAeIc9kphIoDZn4p3kYEMuexN3OYORK/OB8vUg7M1BP:U6PCrIc9kph5eVkYEMb+pLBoM3
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-28_15d0e1b600bc1504b0ddf177958e09fe_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-28_15d0e1b600bc1504b0ddf177958e09fe_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5208.tmp"C:\Users\Admin\AppData\Local\Temp\5208.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-28_15d0e1b600bc1504b0ddf177958e09fe_mafia.exe 89C48BA67A97A653758EB21DB6EDD363B393AB65FD6D126E36A0822B26A54E9C501CC3F1764895ABB762B56B1F313A3D6463408AF5EE5A93769B0A930DAD5FBD2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5f49003522d7e61f14e117696c14951b9
SHA1cd894814b717428754810ec63bdc04ac8dc2c352
SHA256451416109b179a653f35b24f25f237d253352963c6cf96b7a907775e20abe222
SHA512f795d3d5bdfe470599161492a84e016558c42efe80a86263710b02e13e8eae10fc4c0d916ac4f589d070ca4f0c54324489e3931974842e9ca76636ab72019242