Analysis
-
max time kernel
144s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
18-02-2024 14:24
General
-
Target
2024-02-18_14c85b696e0bc493dc88c3f66e119c6f_mafia.exe
-
Size
384KB
-
MD5
14c85b696e0bc493dc88c3f66e119c6f
-
SHA1
6ed2c59216756ab50d8def4e13a8b7a423b86f6c
-
SHA256
4ca5e6e338da186000f6896c4beccc263232d02c0f2afc24a045c591ca854481
-
SHA512
a7405288ed9c81447b07de1764bec74bb98e5c1748f7bb450aa865491db5a2d6780cf3cae522f7a6b933176a2406cfcaedc05b53d2bc6086eabd1a77a2589ff5
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHnoX4TfzND8f269e/sD+A1RVDfZ:Zm48gODxbzlNZ6UuXDfZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-18_14c85b696e0bc493dc88c3f66e119c6f_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-18_14c85b696e0bc493dc88c3f66e119c6f_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5360.tmp"C:\Users\Admin\AppData\Local\Temp\5360.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-18_14c85b696e0bc493dc88c3f66e119c6f_mafia.exe CCC4EAA5C0EBECFCCB824CDE02C31FAEC4288BF3BFACD2EB0212805BDEDA3E195E2617561E7E6E5837405B59C5BEC9B579A8734FD4345A8FD60185AE9865AC912⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5f9dd3500abce73dfd76dbf8ede4f4af5
SHA1fc0024ebb312e9848384fc72efdd6ad86daa9296
SHA2564a183d2623d4524fea1c4b7e4907e86d299a685265d1a8caadf68922d135f1cc
SHA5123955efa732d6448817e2ac884027cb70be9076548da5e609395eae8ffe10d1152ede7bf58b163e17c46a147931389b07848b48fce9f721997d9a54041a52bbeb