Analysis
-
max time kernel
141s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
17/02/2024, 05:50
General
-
Target
2024-02-17_ced5a637025eea2ec9146fb01b05cc1b_mafia.exe
-
Size
384KB
-
MD5
ced5a637025eea2ec9146fb01b05cc1b
-
SHA1
812c08066d6d20bb52247f1a3bb21348d77cca78
-
SHA256
ad4797652f3759ab33e6a031bbb410358532ade4be6103f783bfbcd36e1d43de
-
SHA512
5175813d1f63ed2adb059ee00fcad477fe71db49c2566ccb4aebdd5d0ddd5a70462b8a86d3010f0e13f423151f2144bf93e7728db0fda5df7c3f07c4253feb6b
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHfok8j57mJhaY/3wiSUtfujbNyITaNb+o2JZ:Zm48gODxbzrimJhaZSl4bAfcJZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_ced5a637025eea2ec9146fb01b05cc1b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_ced5a637025eea2ec9146fb01b05cc1b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7261.tmp"C:\Users\Admin\AppData\Local\Temp\7261.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-17_ced5a637025eea2ec9146fb01b05cc1b_mafia.exe D322DB162AE8D60925606287360B3BA062CE8B3AE5B6C7443F14B3F215199EE14935C4716C2A6A61C06196C4D359EDD73CD5377A994D05C285AB08270942AE492⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD541919f9a91710de0ad92f98745471e1f
SHA1fef1cec80de1c513547225d27e1d857d4e750033
SHA256fa71e0276cc7f104acf45aeee747380284a6070dbc655a1b94b1cda42ea8c26c
SHA512091f2e9d2e7d34c0487adfec061e1ea70db5744c78c9b6cc46cada56b7234d6133503955a004a4c67a8f247674c449d4ed455b0d8d8b171db0be9a43e869347e