Analysis
-
max time kernel
93s -
max time network
122s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
21/02/2024, 19:57
General
-
Target
2024-02-21_c6651c8d77ad6c5b51805aeefd72bcce_mafia.exe
-
Size
428KB
-
MD5
c6651c8d77ad6c5b51805aeefd72bcce
-
SHA1
7a0c5e320917ad9a03c9a352bdf8bd1e0efcee1c
-
SHA256
ffb0164cf189fbb13e8f9c3d0501d5b7bb954a9c565e7679e59e24fe7eabc917
-
SHA512
cea4827ac3c6cbf587ecd4cb90f2200737409c27b0508aeb6fd02922fdea84d2e9b5fbc239a6c5f946448607219af009358bc4098496081c667b949c82b8677c
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFAkuJESu+03mW+vEXOrhEr7mxONnqHR:gZLolhNVyEOuJESu+03mJEr7mSqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_c6651c8d77ad6c5b51805aeefd72bcce_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_c6651c8d77ad6c5b51805aeefd72bcce_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3D86.tmp"C:\Users\Admin\AppData\Local\Temp\3D86.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-21_c6651c8d77ad6c5b51805aeefd72bcce_mafia.exe E2F922859753593C9C1503706F74C001FE18BEC6E0551706B1A66F68A5DCBA7B5FE100696395460706BB00D4529C4D65CA08BA2523A494F37EBA95E5340922BE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5773848a5c29c889cb73fdc742594f9ea
SHA19bc790ec89b47bdc7f7ce0359e88343cb7c7e9ae
SHA25673ce893f0ad77fbd259be9aabf2f4e703405f08508bbcff0e91b4cac3e713686
SHA5128de14469dfd53327b5dd225aac7e22568e6d69c7cbe83b1a1a51225e453aa538f9bb3af79547c4157a4e9ce436023301d27642277330d47b36b7faeaa77151f9