Analysis
-
max time kernel
143s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
04/02/2024, 12:32
General
-
Target
2024-02-04_64ffa3f56bd9569cb751e0c586be78da_mafia.exe
-
Size
384KB
-
MD5
64ffa3f56bd9569cb751e0c586be78da
-
SHA1
d29e7c62d576328552483abdf93a5ec94f87810d
-
SHA256
d69ac789ae61bb1b0c66f4ba42bcea6ccef1d9b9efee4fa57556ca090f24fd7d
-
SHA512
aff00fe8e272237c62a048ef799b88d771306da66864f21fd312bd274d7772234b428eaf270a3482b418633bd8047b16d710a405f2c4fcd5260035db21e8bb36
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHtH7+zjKTZ9N16txfQ6RyF98ra62pBqv7+G5Z:Zm48gODxbzjH7sKT/WTQ6RyF2u6AB1G/
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-04_64ffa3f56bd9569cb751e0c586be78da_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-04_64ffa3f56bd9569cb751e0c586be78da_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\663C.tmp"C:\Users\Admin\AppData\Local\Temp\663C.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-04_64ffa3f56bd9569cb751e0c586be78da_mafia.exe 0DF8606796BB8A0E0C01A2348C562CFDCD0A3378E203FFD9B429961991502A2B0F010FC2A25AAF7CC14249FDB4C0006FB100E3AA7C9E8674966DFEAB4EEC83652⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD57e0d2b97db70356f1928e89a57357efb
SHA104fd7db088c5108237519c9ff8c40f761d9aee82
SHA2561691de269eb0d2c625bd79ee0dcf4ede027358f52a967d646ec379c8b801f83a
SHA512f6a71e62d73ca49fba08cc14d36574fd532648da4780772cd3e64f565652ccb858b79c5f15548a706cf4a3497b0dddacf052c8ebd8e5676f13b6258651274be4