Analysis
-
max time kernel
141s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
03/02/2024, 18:31
General
-
Target
2024-02-03_d189e229192a02c8b4f74e22c67e7380_mafia.exe
-
Size
384KB
-
MD5
d189e229192a02c8b4f74e22c67e7380
-
SHA1
7ba5c2e38523598cf75f068189eb7bb75a62eedf
-
SHA256
023ad06e83000eced8ac9d59132ef027201bbcb290bda9bc715ca0b28e877442
-
SHA512
46365871c6695d374b032ad13bc8b5446528ad6957408fe3c6f834766d6d0cfbc175b9027da2de70845182d642a0ae8fd196de233a906dc2aa9303500b047710
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hH15FtlM94CBI4NaeSont9MB8kZ:Zm48gODxbznMRBZoont6BNZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-03_d189e229192a02c8b4f74e22c67e7380_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-03_d189e229192a02c8b4f74e22c67e7380_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\B362.tmp"C:\Users\Admin\AppData\Local\Temp\B362.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-03_d189e229192a02c8b4f74e22c67e7380_mafia.exe C15AEF270B38ED6A38285D57451F24E663173B6EF9BF343637E587EE751358CED6684AE509FB427C05B99C9BA2B3679EF6B6517A9091C701B60FE1CE2DD234962⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5475205825334c517f10eeb22ebe61f9c
SHA148718baa1512300ddf729822eade673bcfc2c388
SHA256768a42fb825fe4edb308928108576bca3a1d7b678851cb7887fadde464cf92b0
SHA512f270017bec02f2fd28afdaae4cca42964388732c25a7fb4b951dff8cf3289e769705ab73a2511e1d710649d70d66f9b80c1714b20ef43b041ebed97c11973dbb