Analysis
-
max time kernel
93s -
max time network
147s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
03/02/2024, 05:45
General
-
Target
2024-02-03_e969a3db6e89076ef13d3819ce9d9f59_mafia.exe
-
Size
412KB
-
MD5
e969a3db6e89076ef13d3819ce9d9f59
-
SHA1
f243c600a43581530c23af1ff746e284c849fdf4
-
SHA256
4f4aa791045f7255c0949a892766612abb5848cc709b3dd29dbcc7c2839d3a98
-
SHA512
2f0dac6e292ff79a25b3e2f5636e7b862e849ea2b6f3a3e7d58e22ee13e00dd96221786172125f2b8e4dd3f48a496aabcec9be59b7290b34b9b77818a2cf709a
-
SSDEEP
12288:U6PCrIc9kph5H+Hr4i50cZcA3EVTHw98:U6QIcOh5aUcZ0T
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-03_e969a3db6e89076ef13d3819ce9d9f59_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-03_e969a3db6e89076ef13d3819ce9d9f59_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4DF1.tmp"C:\Users\Admin\AppData\Local\Temp\4DF1.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-03_e969a3db6e89076ef13d3819ce9d9f59_mafia.exe CE2DC050680484259B526D6B8BE3A611A98499D4AF429812A831DCEBA08AE3D208AF6663FBCBCE502CDC3F4B2B7138ED0782E358EE190AD3EFC0EB59D51170B92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD572b55941aa87c02b9c2caf270f44fd9a
SHA1df49fbf04d25e277244e19756d7a1baf5529639a
SHA25633bf06d7b7627058882b964046210b1083ce84dfd4e7f0adf733b08d300383c8
SHA512177bfc98c1ef02561885722db4c9fd1219987ab968461795691a523b64493cf93a295c268d91a5b551b027171c8a9de5cd17c0eab8c1eebb6dd37a80d051bf81