Analysis
-
max time kernel
92s -
max time network
124s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
19/02/2024, 16:45
General
-
Target
2024-02-19_a40d3e2e50df27d5f6bde680ceefc799_mafia.exe
-
Size
412KB
-
MD5
a40d3e2e50df27d5f6bde680ceefc799
-
SHA1
17a8e7f7ad631da2cd9f18ac9a4005da15102673
-
SHA256
ef5cf755236b031ee8532261d7c1e9d08fc916d53abe6113c5ca5b59241ab1f9
-
SHA512
913a8cfb87d0ce18d035114acd0c74786682a0b76e906c053e5483a4b8e2bc2f07212d74a8acdf71f7503e24c49bab6eb9bb4fbe8057e6b4d4d4f21e1841f426
-
SSDEEP
6144:UooTAQjKG3wDGAeIc9kphIoDZnbDMzClNYhD7tJKk4ritpFYcMt6h5zQP:U6PCrIc9kph5d0B7yk4rGpFkt6h5zo
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_a40d3e2e50df27d5f6bde680ceefc799_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_a40d3e2e50df27d5f6bde680ceefc799_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3E41.tmp"C:\Users\Admin\AppData\Local\Temp\3E41.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-19_a40d3e2e50df27d5f6bde680ceefc799_mafia.exe 5BBCE903A493CE375CEB0286CCEBB80B477F0A38AAC56E4AA4F94892D0057BCD96878FD72C174C5E3CEE3D4CC7805A91903095D3D43D494670CC00A22476DC9B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD52982332d191a7dbf45aec5192218ac7e
SHA1e1c8bc65b35c544581b431587a0b7797c0029e13
SHA25679398adfd4f58b42061078a2a2f509de5ca73ce7e7c0e5c10aea5ffc05402541
SHA51221e4474d145cd2de16cb07e7b1d64f3290be6c64931c4957ec9c35a0641d20ca7b13a19bb823840e53abab5931510962b0f6b10f6462f91dbdbd3589f5e841da