Analysis
-
max time kernel
94s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
28-01-2024 12:45
General
-
Target
2024-01-28_9cdeb439e4af837fe7684abcefdbe503_mafia.exe
-
Size
411KB
-
MD5
9cdeb439e4af837fe7684abcefdbe503
-
SHA1
7f9d1fb53cfd144c44d35072ad1fd6b0d051f60c
-
SHA256
cfc9f502565b91ae81a4fff76f470b52069d7b7d0106e72c3cebaad5954d1b4f
-
SHA512
0f71a91e3a7170b48b92467a11cb701651b9a5f89eafbb20a8fd5da2ef793407e5ee94473f8d153508eaf35a258db586c38a57599366c30d45dfcbe009dcaaa9
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFaZHFEC4V5q1pi+2Cfs9t8D6PEouVPZWTFcZqHI:gZLolhNVyEZ/di6fs08OZWJcZqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-28_9cdeb439e4af837fe7684abcefdbe503_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-28_9cdeb439e4af837fe7684abcefdbe503_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\AB63.tmp"C:\Users\Admin\AppData\Local\Temp\AB63.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-28_9cdeb439e4af837fe7684abcefdbe503_mafia.exe 1A12FCC89C09D4FD1B3A6C1DD5F629E475EDE5402DF75789EF6F8F54C53907A291F84691EBEE79A569CDA0CA2A814E1BE249C6A3C6583670E826E81D1D15FF662⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD59b8085fe7dd64283c6553cca58f0fbd6
SHA1065e1cffbc382e8b83821f03e77d6ec09f0e0b4d
SHA256bf82ecb68352a307e856b554cb023698ac67586cabfc11a62ef930dcd554dab3
SHA51201befe8d88afb263d6fcb57800d59be399b7cdcda7b7f4e7d8fdd92352df84456d361ac599cf1dc5c3197eeb7f9d1f670fc554a16ab790128fb67c27efc557c2