Analysis
-
max time kernel
94s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
21-02-2024 21:25
General
-
Target
2024-02-21_2ec77653da3ab359be6d4262d43ea628_mafia.exe
-
Size
384KB
-
MD5
2ec77653da3ab359be6d4262d43ea628
-
SHA1
e0270f317e13e7fd31d46f000dec79684f1b16aa
-
SHA256
914e0de7b0720d7724ff94bc7a2be43ae83a2a4ef33116bdd9f739ee73dcdca4
-
SHA512
a26807280fd7889f857ad03efdf63d9df34eaaa586d505f2125374247331864c7330c397c90e8f7afdd5f12b6d505975454a0a98061d0e7cdd69a8a2fb360361
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHs5j79J2QcU66eAQcsbyOsCu0fkR0OaOaZ:Zm48gODxbzajT2QcU66eAQ9yOffM/uZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_2ec77653da3ab359be6d4262d43ea628_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_2ec77653da3ab359be6d4262d43ea628_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3AD6.tmp"C:\Users\Admin\AppData\Local\Temp\3AD6.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-21_2ec77653da3ab359be6d4262d43ea628_mafia.exe CA3AD0E8525D94068BDB6391C78F36905941C249AE3FE12B26545282C578DEE3D712F518F8EBE4111AB82302355832B7A4441B2DC5C618774ED7EE8A24F6FE432⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5123095b6109744118cf9b7d851f8a45e
SHA1aeee0176a6ad5c63583b29e1bd9c2f206199dfc7
SHA2562dd066998b119f461fd306bf77cc3703a1e6c512cfead98fd2e2cadd45a6d08b
SHA512de7bc46b660231426369fc26c4d0dfb705b05b67602c34f3880dbef383ea22f458388c014ba85a3c7687c4a09d776a2a1cc473cc17ee78b833a8abe41cb7eba0