Analysis
-
max time kernel
145s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
14/02/2024, 07:06
General
-
Target
2024-02-14_b757203b1451cb834c81ebf19f236b16_mafia.exe
-
Size
384KB
-
MD5
b757203b1451cb834c81ebf19f236b16
-
SHA1
b6fea9ff17527182985f589d0d235ae37ad5026a
-
SHA256
daf6acfaa864a9fe926462e4be9fa6cdea18d0d239f7f5f385966cea201d70f5
-
SHA512
3217bab10c8e4b920272a0af0f35191f852ed48f9de7412fabd4ecda26d462b08d04a871cde1a166e309d0ac059015a5a07b0816ea43f2a2db81f4c664c9c542
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHhuMaB1KIgg/kgbh4ZJ3uvmZ:Zm48gODxbz5ablgTeyR9Z
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-14_b757203b1451cb834c81ebf19f236b16_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-14_b757203b1451cb834c81ebf19f236b16_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\47E6.tmp"C:\Users\Admin\AppData\Local\Temp\47E6.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-14_b757203b1451cb834c81ebf19f236b16_mafia.exe 62C18BDD3EAB33D33DB522C30F79E830A476CBF34BB7296DAAB100A2D6D8BF96E3BFC099856D1F7798FE8BE5AA716D9057985499F7FEBAEBA2D3E181526D22522⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5c6c05adaf140c36a06be12698a93952e
SHA11cf1ff3135806c391da4261c305616aac2d893ce
SHA2564de8c0e534c80d6da770c99f3fc123435142c304418c941c0a387f1eadf43662
SHA512b94892d18052813628cf42c0dc9d15428bbebe6d5a7dae37551d159d4c6ea67d6f50d52f6814a43d3ebed929c7e9cc8b016c80e6f093e06c5e799941b362f5f0