Analysis
-
max time kernel
93s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
13/02/2024, 17:29
General
-
Target
2024-02-13_1a26b1c128b6ca888354509e2a353f7e_mafia.exe
-
Size
384KB
-
MD5
1a26b1c128b6ca888354509e2a353f7e
-
SHA1
dceb42ee73e3c64951acebc7cb979574cd8de2dd
-
SHA256
335990b2b6a9fb7832f9464c12417fd1346b05a524322561455c270ef4914768
-
SHA512
eec8cd2a5a82844ed549399b6e65153d962b3032679096f42dfc781f12c1cbe4c2214946652c76a6caa6a9039efb55423f23d5a38a774aa9f7b5679679762e2a
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hH4HqnBOR0nIR9CIlIixxrBNUD0oPDgvRWQP+7KPY:Zm48gODxbzcqW0nIR9CI7xdkDDDgZm7N
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-13_1a26b1c128b6ca888354509e2a353f7e_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-13_1a26b1c128b6ca888354509e2a353f7e_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4239.tmp"C:\Users\Admin\AppData\Local\Temp\4239.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-13_1a26b1c128b6ca888354509e2a353f7e_mafia.exe A8996652581A692232353DBEC59433D1A429A2936D5878047063ECD9E16E4E19F2F0DB8A40A61ECDC05A5364D562873D9BAEE88C3EB3380BEAAFAB42EA3F0F2B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD54969cb3b796fe2372c2b287a5e7dd24f
SHA120a204217a5bee010f3ad8ed4efe72581616efa9
SHA2566291fc2146791f8f0e82563463a47f005fb781ba5cce29af47df2487e188bdfa
SHA51283ee0d10060cc3f608a0383b03517bbd38b62237ffd5b512fe41e082b70a7c4be9dcf4c904ceef961f970ff108e1fb3d77efdec1eb7b84c16021101833882528