Analysis
-
max time kernel
90s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
03/02/2024, 20:31
General
-
Target
2024-02-03_aa366e4ac6b1e4902583260425d6bfb0_mafia.exe
-
Size
412KB
-
MD5
aa366e4ac6b1e4902583260425d6bfb0
-
SHA1
7b21d251e7f8bbe86056b59b5abbad49daab1fd0
-
SHA256
d5852df3d1467a0074435dca82c255de9f493f55f81c601fdd6c24718201d2df
-
SHA512
7b5de08ba3d97d6210ea30087587f3e084a37763338e2341fa3c13d59548c6470a62a4e75f90d9e1ecdeb0980b8c598ba37e9fecb52da6d9737b4ba07be67736
-
SSDEEP
6144:UooTAQjKG3wDGAeIc9kphIoDZnc9TkfI0dhZYfqNz0VmKzAlqen387FP:U6PCrIc9kph5WdKI0d3s8zQmwAl8t
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-03_aa366e4ac6b1e4902583260425d6bfb0_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-03_aa366e4ac6b1e4902583260425d6bfb0_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\50FE.tmp"C:\Users\Admin\AppData\Local\Temp\50FE.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-03_aa366e4ac6b1e4902583260425d6bfb0_mafia.exe FF609559095B0D0DC29D8CC0BE81FFF15C8D12C5F239D7963F7762C6E0C2533B4A0CD5D588B0338557CAD729A72830B470DD679C63C51BC1E9646B98ABC325602⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD50ea380ae6f355587878fe61ca8c9a844
SHA15bc600304e6520c3d851cbaeab3ac196abb863bc
SHA25645be2f47cb82576557170f363c3a8603515e7fc5ef8d6fed94b17c45818df187
SHA5120ad3f3805ac484dc4aabae718d5e531977c8fb3f133e42a1e7f245c815a525f50778ad2c1b7710a828676cd4cb31eb24b774c29be81975a7562978200adc5dc8