Analysis
-
max time kernel
91s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
14/02/2024, 06:58
General
-
Target
2024-02-14_9380892323aa26ebceb6b00e6983e24f_mafia.exe
-
Size
411KB
-
MD5
9380892323aa26ebceb6b00e6983e24f
-
SHA1
447240447222326a900b5974fc55c6edd2afd7f1
-
SHA256
f43413743a18c1720e08f6358ba3576c0c9abab86ff2a21a6284eef8a9ed9fe6
-
SHA512
c16b7aaf4915d98f4f70f8f4d56ad7d842a781f3541066a2aa0c82fac4e2895a587dde4afe5850135fafc4f7cfc141cfd583a620316b2005ba90e74653f9f5c7
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFlugekrCd6+It5OQuyivo46hOxOjy8DqHI:gZLolhNVyEySd6Xt5OOi2hOxkDqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-14_9380892323aa26ebceb6b00e6983e24f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-14_9380892323aa26ebceb6b00e6983e24f_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5515.tmp"C:\Users\Admin\AppData\Local\Temp\5515.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-14_9380892323aa26ebceb6b00e6983e24f_mafia.exe CFE9E1D995F6036C25283F83D935FFA06F884CD654E9CED47E8ADA0FF6B37592BE1868D5B2129D6489366311F15E84DE01E112D01F31BAF8D3997EACE5F6C8842⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5184797ecdc7788e239b210b9301ee1e2
SHA1a9ca97984ca811fa00b157cd969bd85f6e7a721b
SHA25664c1262df5cd01b9033503981f7ea80eb72009179b701bfb0b1c00d0b3d08fda
SHA5123edd0ba00663bfb0982650059853a9e2a0db995bd8d3bb2e1412b32e210c686a2986e66d40fc7c5ebaeb71950b0f4d638cbd2bc85279564f7067ab6bf4ac147e