Analysis
-
max time kernel
103s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12-02-2024 17:43
General
-
Target
2024-02-12_9119159176c3e79c0b59e117f0f32109_mafia.exe
-
Size
384KB
-
MD5
9119159176c3e79c0b59e117f0f32109
-
SHA1
a6ea3361c2f8c12316c45914626b946d0178c9ba
-
SHA256
0330ad410b6d819da7ce1185ff00a331c1e89a401701394a878fb685d45906fe
-
SHA512
bd05cf04be2460db7ac24ca7e8a309da8f0a1eff64a3f16f5fb54d76e315981fe9660c909209fa9f1576fd72b5edb5f3f2b1b0c0ac305240150352fb57aa4090
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHiSpn+SNRS/8/Mqpx6K5r7T4Y7AgXtRZ:Zm48gODxbzDjzh/M9K5r7cYT/Z
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_9119159176c3e79c0b59e117f0f32109_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_9119159176c3e79c0b59e117f0f32109_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\53DD.tmp"C:\Users\Admin\AppData\Local\Temp\53DD.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-12_9119159176c3e79c0b59e117f0f32109_mafia.exe D4E3C28B471613B86D8168A6B53FBF402A22D09DE0632FBE1F3F47481B67C817B1DA1E3DF85BC55D4B77E26B5E71053A940F810F91C9A6B0EAA322B0E021182D2⤵
- Deletes itself
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD55b69101ce7df3d8bcf347f11b0bbcba2
SHA1b136174c660ade53d8a08afb000a1b10db661d21
SHA25640553813a07ebacfda8098430eea9b452edf164fd2c4d7e3aba319774622f4da
SHA5122ca1ba9ff0c31ff4df670a48d43b5a3f6da5720fefad0fb52e63a70370136d99184595e19539a19e8ddd1d6121876533f81074aeb35863680068c4e848aae418