Analysis
-
max time kernel
107s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
19/02/2024, 08:01
General
-
Target
2024-02-19_ae5eb0bc547e63f6aaf33ae768d97d45_mafia.exe
-
Size
384KB
-
MD5
ae5eb0bc547e63f6aaf33ae768d97d45
-
SHA1
a882111e11ed4d41d9601142d069b6bea759a5a8
-
SHA256
5e011c3fa3c7eb4344620e319f6b6d10188443b168b744e0e65235b7cd1f00e6
-
SHA512
e8453c75a06a87f74230df63ca1763c5bb47ac943528879d60d27c4e129aac8456d1302001114a3f528f57c741ed97c0282b12b867a811cfd59173262bbc2482
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHB7PAuVo2+b3tvkZP+hBCGmSy3YhxCDRsNReynB4:Zm48gODxbzv7ou2QZG+bSmYxClGReRZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_ae5eb0bc547e63f6aaf33ae768d97d45_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_ae5eb0bc547e63f6aaf33ae768d97d45_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\48FF.tmp"C:\Users\Admin\AppData\Local\Temp\48FF.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-19_ae5eb0bc547e63f6aaf33ae768d97d45_mafia.exe 4B598EB30FD93C49F5AB9061D37BD632D4AC45FE75ED19975205999D5C36C3C49840EC2685B60CBCEA032D868533BB05CA5C7023293E13590F0314AE43E261262⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD54da818497e5f0cf520bde1e62aceda1e
SHA1d391e7bcab300171c9761936fddd4b6ef872e446
SHA25675d9ca0adeeff1663bdf12141d9b6e95080bc8102ff24c387e935b901926ef2d
SHA512effa65c61522c3d404bc60ef250406cd6f55af5ae3df33f9d2ab76c9f94cddd6141b571b449c88ec552bfe4342e009008695939010e7b491f36fa19ff294ec49