Analysis
-
max time kernel
143s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
21/02/2024, 17:47
General
-
Target
2024-02-21_9594529e7cec76dfa74ac98a89751570_mafia.exe
-
Size
384KB
-
MD5
9594529e7cec76dfa74ac98a89751570
-
SHA1
a67ab00bb6f7688cfe1be8383c66238930d88239
-
SHA256
050426f671b6dcb9ef078bdacf3c133bf3ff382e1d9d189edb60e19dc15878ac
-
SHA512
3e14e5fd69815cd8d473f18064f84f216f756e83a2a7c72570dd8ac4a763ac23efaa2801d7ffa80f8e56c76dbea9f814a940a99cddf389338c2aadf085580d96
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hH5pGtaK0hlekFuAjtyMkP7quK/tZ:Zm48gODxbzTkaWPAj9kPGuK/tZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_9594529e7cec76dfa74ac98a89751570_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_9594529e7cec76dfa74ac98a89751570_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\E4B3.tmp"C:\Users\Admin\AppData\Local\Temp\E4B3.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-21_9594529e7cec76dfa74ac98a89751570_mafia.exe 55FDE8CEC4239F37CED74EA436C97C21F486917D7E8F20A246590F00128935EE11B56182F1F489BBDDE6D3A5DBE4D36B3A0AA237A902D843865E303F5F9E487C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD519259823a39e373277122ec64a34fc4a
SHA1c60c52baf808d2e4505c274d35f56dd519f6c1a0
SHA2569315e0ec30816d4c3fcbf9badff8a17c12f6c183275191238c0ac38305bbbbb6
SHA5121ef2d43fa93a83876ef744668b228386110f908f3be6e278a3bd40ab7bb59f78460ab40686ae90d737fa7f5822369aba41eef5749d706405ead9fdd3fdaa6b6b