Analysis
-
max time kernel
90s -
max time network
122s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
17/02/2024, 07:46
General
-
Target
2024-02-17_a410979b019091de4c640d443411e717_mafia.exe
-
Size
411KB
-
MD5
a410979b019091de4c640d443411e717
-
SHA1
f4ec3c1dd15cfaff76a7770dce79628f071245d7
-
SHA256
c3593479598d1efd90205fe463d418395ac805ee69a7b3e96fa5f38814d7d140
-
SHA512
e785fc8149dec176ce711fb25a37c3d09847e9327791c221064a453557757307c459a9adbb8cba2f2aa6d51ca26a18d05b4b48c2ce06a29a077794402e9f5197
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFWSX51ixEshffP68qswJfpURgkdTwUfqHI:gZLolhNVyErq51iWwHPXOpURxTwUfqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_a410979b019091de4c640d443411e717_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_a410979b019091de4c640d443411e717_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\45E2.tmp"C:\Users\Admin\AppData\Local\Temp\45E2.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-17_a410979b019091de4c640d443411e717_mafia.exe B223E3D42766B2191B3B4C6D8B2CC2C60702BC8D611007D23987CA1FDEC32F2814C42566E6ADC3A5BE7EAEAA270AB0A795108C31B457FA7CB071E945FF52F1F72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5034b5071a409d07115db01b00789c41d
SHA15bd3fd013492d2d3638e0214d0bed5c4c003082b
SHA256c26d242bf28a9932469dc96d094fd8b5c92a2bd0fb19d14f07b5b790aa17bfc4
SHA5120b5b1984c0027923e3519685948ba8d6f598269ad24639d2157e55aebf0bbc5d8edf83843a5bc892a3bae8f08329bddfd93958ed33f6ceaef7dbf7ed86ddcd81