Analysis
-
max time kernel
126s -
max time network
143s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12/02/2024, 12:24
General
-
Target
2024-02-12_fc05c15d2b3e001d5b04c3cb6a9e7c21_mafia.exe
-
Size
428KB
-
MD5
fc05c15d2b3e001d5b04c3cb6a9e7c21
-
SHA1
6018a9cad7c877cf375e6636a7ef86480889311e
-
SHA256
2e6b9a15bc158c50e44f27bad17b50285b5016e5d3d9ee5c2edcc9b60b29a666
-
SHA512
899be901fe604c9559d8980fdca1e29bc9f473a47a7054deca3d79b931e842cb46c2e350c0ec3895d22f4528f603e2478ab3edbdaccc013ac3d763a0af090a67
-
SSDEEP
12288:gZLolhNVyE0ure+mU5F9zC1KbUK4JsYTEKPIFSqHR:gZqhOEPTD5kKbLiS
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_fc05c15d2b3e001d5b04c3cb6a9e7c21_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_fc05c15d2b3e001d5b04c3cb6a9e7c21_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\47C7.tmp"C:\Users\Admin\AppData\Local\Temp\47C7.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-12_fc05c15d2b3e001d5b04c3cb6a9e7c21_mafia.exe F565FDF42F977F64084ECEC577F91935C96F9AC21AB17A650A1396F601885764CE772A8BE5C7ACD904285A29789F2117E823AFAA09F85D01DEE61CEA5336B1D82⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5abece1fd4cd3999d188fdc70764ebf30
SHA190658b8990c7aff1b8758c8d442bebfc250b5e07
SHA256089e0d8d466c46dc878260fd387837a0826e5afab1243c3457c8e7d51b78d7f4
SHA51234acd4bc0f436162e168db4631d89c6199be4004a75e7723479aa9832362dabd1d8f6f7e91feaf9c584612b29b046af5944ed7149f80beec48aca7c739b3841d