Analysis
-
max time kernel
145s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
20/02/2024, 01:37
General
-
Target
2024-02-20_6cc261a842285f2f2667465edc0caf52_mafia.exe
-
Size
428KB
-
MD5
6cc261a842285f2f2667465edc0caf52
-
SHA1
b0ce9414dd627312190906b789298d187f49ff1c
-
SHA256
8bccb3568559c83514d03066e069d105544b714fba768a6b7efe0e3d578978de
-
SHA512
0171a9135bbbf03025891de5cb264151b3c0f567bafaef46dd91264ea13d49478564850bce99100ba5e4a2e5bebec1e3dce8906763dac0d243fb7877a7e8b468
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFAM/e89G13vx7YVOA0IrpNGyBWccvqHR:gZLolhNVyEt8a7EOINGmXcvqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-20_6cc261a842285f2f2667465edc0caf52_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-20_6cc261a842285f2f2667465edc0caf52_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\46CD.tmp"C:\Users\Admin\AppData\Local\Temp\46CD.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-20_6cc261a842285f2f2667465edc0caf52_mafia.exe FCC4745EE1FF38899500416F2EF84F6AEC88DA5C5859912148D70351BCA3260F5D2BD8FD1EC7E87077EC7360F3E65A2C889A361D00F9D731785AAFE8F12593CD2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD538e912b18a3b435a5eb75f538b4d3291
SHA16426c16b0e571b3773c666016e8e8154a2364c46
SHA2568e0fd9d5580e98890ea7cb0d000b0a952a008543b5d11363098269e40b5618aa
SHA51210fecef56f6d10e95a21d2cd28a8063d2018385a5a69c4c11e44ac68b2925022ff6f111fa9a07ae6cc8248a4de1a5f8d4a8afaaca570cef397526cd29dbf95d8