Analysis
-
max time kernel
143s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
11/02/2024, 18:23
General
-
Target
2024-02-11_834fd6486e5833233555f752778737c7_mafia.exe
-
Size
428KB
-
MD5
834fd6486e5833233555f752778737c7
-
SHA1
58b295426c11772e4b53318827bdb0956b4555ce
-
SHA256
a5d849b7ef94b80c7e9aee33c98d46f8e496682a95fd3f8077c33efdd9990eb2
-
SHA512
3d5e651b3e4143ad24d83395b3e7368bf9f57c8edce858131aeba99fc9e4fc96104d457e9f3d128ff97ea61904736427b7c4217121cddb744ce60db51882850b
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFVTd3VR5YP6oPzhVj1JaZL8avhwx3vqHR:gZLolhNVyEsTXR5YyoPznjuLXw9qHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-11_834fd6486e5833233555f752778737c7_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-11_834fd6486e5833233555f752778737c7_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6707.tmp"C:\Users\Admin\AppData\Local\Temp\6707.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-11_834fd6486e5833233555f752778737c7_mafia.exe 353C4093609BF8836BFFC31C46ED9EDE6D796C2CB54EA16A5D15D64B941B88EE1DB8242C06AD33CA65718AC7E4B997DE34AB94DEA16F235251D166BD1F0AC55A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD56562e18bc13767d96f1bd1d89bed616b
SHA128ec8ea6854b262c84f8f7cc82532fa30429acf7
SHA256b0d9d25b60e942291d276f05a37b2b4cd3df9e7ddd7b724b3b4b24ed5d41f763
SHA512eb0dbf28912c306f6bc859a77e3ea865d56b28f5deb7bd13e8b868b72c13b2da98e5f0d670af18e42ceec16d641e9ee31bcd2d5285847f1b1e83901e8cb46f7b