Analysis
-
max time kernel
88s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
17/02/2024, 12:35
General
-
Target
2024-02-17_4d643bbf0f5afa1f9557d18fd7bad92a_mafia.exe
-
Size
384KB
-
MD5
4d643bbf0f5afa1f9557d18fd7bad92a
-
SHA1
43255399538fb196f72fafcfcd9543512404963d
-
SHA256
a8f93caef738c80774f4d73b9f52731978e3ab22f6caf4ebbc2f87dd4485ae3a
-
SHA512
300655757366041ec4ca049b4bfd6337825abd65b189a054c68dc9563662631e0f45584aaab616f55b44c0228885eef14f53a52a9410039b3ccece647289057a
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHaFWXIstQdSLRzTmDzQN6BzJqZ:Zm48gODxbzgFgIs6dSe9zJqZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-17_4d643bbf0f5afa1f9557d18fd7bad92a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-17_4d643bbf0f5afa1f9557d18fd7bad92a_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4A47.tmp"C:\Users\Admin\AppData\Local\Temp\4A47.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-17_4d643bbf0f5afa1f9557d18fd7bad92a_mafia.exe 55BAE58C3ACA1337D60BC6779E02B20EA20BBDBF0EF1657B743FECFAD237D1ECD8DFBE6A004AC0C3E1C6BE73F69D33AE0DE1722E699A41CB7DD7970489A4C87A2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD58f029ca5c91677c8cc538f95c3c21dfd
SHA1f7c47fb6e2180f1ac6cb5b006c6bdd321532b452
SHA2566efba54d41e3ef6e32204c6b99ffe07b50c6dadb404ff07369c991cc1f6b702a
SHA5120a501c9f43b6521c5e5cde3593a5d32cc673915405100eec2dfbefdcacce284d26eb1911685cde7d09a44914894f2d7f03463f43f6e26cd4bac676cbdd4aa9e2