Analysis
-
max time kernel
142s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
19/02/2024, 08:57
General
-
Target
2024-02-19_dd323b8fa4bf77eda2fb023c1023f6f4_mafia.exe
-
Size
413KB
-
MD5
dd323b8fa4bf77eda2fb023c1023f6f4
-
SHA1
a09696ae5ea1a367f3cf3a494891a0c127740bd6
-
SHA256
cc8e763d1bc8afa2cb09cef3d5a6cd69d5e49d3ae3c3a111fa076f910ac423c9
-
SHA512
ff2ec6af2ec9a53c7569a75e193ec7d3655bccf5032dd5a8821a3a57675bfab63bf9c0fb7753dbb98c56cbc948e417ced19569622ce381ba386c78ecbfd75dcc
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFpL+70zlan3WOXdjlgeUqHg:gZLolhNVyE0C70zlo5gdqHg
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_dd323b8fa4bf77eda2fb023c1023f6f4_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_dd323b8fa4bf77eda2fb023c1023f6f4_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\69D6.tmp"C:\Users\Admin\AppData\Local\Temp\69D6.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-19_dd323b8fa4bf77eda2fb023c1023f6f4_mafia.exe D37A8ECC4A7A5F46553C530913F7A6F2A397229015BB50C36FF3671B13C65DC2FBA38A74C1200CDFD414A8BE83E70BF5BF6EBC02CB009CB2840F0FBF7C584EFB2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
413KB
MD5a6f9d8a2489d7b9da61b47c3abda1bf7
SHA1419ecbeba0a49f603d28104799c9cc841db5c0ac
SHA256eefd69302e484fabefbac7028e2fe911f5a021a3fb1c3f90c5dda49c8122d7aa
SHA512fac95d8e3b2e415cd909855654784f661bc908efd1a30053e47b7f65dc5d07c0a3378157c37e902be486625a7cfe30b61da9ac48708c7fbc0e0b6bf82bd95ebc