Analysis
-
max time kernel
139s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12/02/2024, 09:49
General
-
Target
2024-02-12_67c8bc8c3583b7641d6ce4f9ee6c9238_mafia.exe
-
Size
384KB
-
MD5
67c8bc8c3583b7641d6ce4f9ee6c9238
-
SHA1
d8e9760396a0dc202de5f5eea11fe9f5d5ee56cb
-
SHA256
d6ab6c6802b5466a93c4b4ddb0e58ed8fc9de8ace348e4cbf732ea536a9864ce
-
SHA512
58383d328bce53495eaaf867b22b0e6aa56afaf32e295051aa3b293da7ea0b0b0dbbb3d45c8147e21580b554fe2916794b0809f4e714bdb1ae7b4ca3229bbc88
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hH9TNtoITLsuPBZD3Z:Zm48gODxbzLNvsEBZjZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_67c8bc8c3583b7641d6ce4f9ee6c9238_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_67c8bc8c3583b7641d6ce4f9ee6c9238_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\DA7.tmp"C:\Users\Admin\AppData\Local\Temp\DA7.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-12_67c8bc8c3583b7641d6ce4f9ee6c9238_mafia.exe CE0A873CAFC2DC18A68C4F19B8E88BED26A9B567317191620583FA711D42DA81578DC91ABCA3C83E775A3427A9B594F24FD6F1928324043E7BC3DC2B4E6BAD1D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD56f262d6e9ed7985d47b3f975d7ea0f92
SHA180aac466153a7ff281824eb488bda4cd5a830781
SHA2560992152f962883d6564a1e5485adcc2702fb5ecbd64f5e56a8ee01981db2ebf7
SHA512ce5ea4f3367f9bee58340bc013597f591788d49b4c9b55b32f5958fd178941c4d77f74e39862fce3a759ef3aac1276f711d1f78789a44c98e7d905adbf40ee89