Analysis
-
max time kernel
137s -
max time network
143s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
04-02-2024 06:42
General
-
Target
2024-02-04_eefdc257fc0a9cda68743944f4d05dd7_mafia.exe
-
Size
412KB
-
MD5
eefdc257fc0a9cda68743944f4d05dd7
-
SHA1
d8a51f074003c740db1a86f59ab5da510c8d550f
-
SHA256
0f5598b54489e24d6e60f230375618b6c444fa1e56723beeecb7371d73040e3a
-
SHA512
5f93e1334e9112f3276a8b3ace59f628a9237f5d89ca3c8c21d6e80c64f94708c77567d1afaa187821b1584eb72433521edf4e29ed3cac140e558458e86f0d34
-
SSDEEP
6144:UooTAQjKG3wDGAeIc9kphIoDZn/+8t/sQBPc7giXFjO0wC6PO19YqZox6P:U6PCrIc9kph5VsQhc7fX9O02O1aQoxi
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-04_eefdc257fc0a9cda68743944f4d05dd7_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-04_eefdc257fc0a9cda68743944f4d05dd7_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\F3D6.tmp"C:\Users\Admin\AppData\Local\Temp\F3D6.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-04_eefdc257fc0a9cda68743944f4d05dd7_mafia.exe E732808B180BBFEC0A6C5946096243CD58E77ABD869D644CF98710B7D696E26EDB67BC019DA8CD18DFB1E2044BF96F3AF0F9D965A47BE47BC5385A5551085E0E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5f18764931a47050bbbb71f68fb56831b
SHA17d3087806da77812866b882df5857c5e28c73b8f
SHA256e20d24c149ee17c610eff860154a1a8d24836c22d27c6333af6bce0929228e6c
SHA5123306da946b53fc95b0fec3d0516f2ff659d4492edfde23f3815d8be90c895fff1d917a406a372180c04cd2cadeda60cae8ddea2cf18f38282250370ededfa837