Analysis
-
max time kernel
149s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
22-02-2024 04:48
General
-
Target
2024-02-22_119756e107fba4f0db9fa13ab79367ca_mafia.exe
-
Size
384KB
-
MD5
119756e107fba4f0db9fa13ab79367ca
-
SHA1
653f0e7dd1e01e81da88b44011297108734bcd9d
-
SHA256
7d444e6ea01adb805f939806f1d043f7714b953565dc3946faff5d678355042f
-
SHA512
bc6379f63ee9ea8e6ccfc24ad930de80b1c1790bef95896a14b85e4c4a603382903260a4b1733aec4d4bcc042f201bc73ace85a5dd9c5c2298861b95b0d6e642
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHPIMuWKGSfAJzYPhyiXcXrdU4ljH3vRZ:Zm48gODxbzumKP42YiMXvjHpZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_119756e107fba4f0db9fa13ab79367ca_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_119756e107fba4f0db9fa13ab79367ca_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3BA1.tmp"C:\Users\Admin\AppData\Local\Temp\3BA1.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-22_119756e107fba4f0db9fa13ab79367ca_mafia.exe 739C63FFC10EA1D6E5E7AA3377EBD6FF472849CD53BECACC8F6AA68C799A01E814594C804E5AA09AF35C5A667CF7863B23FEC58C950B378C7D53D55D5BC11DC02⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5c656c6ac01e3e8cc802da57009886ed0
SHA13b7bbe7e3af185ab6764b91e843c07eab01665fc
SHA2560778128cf7137bae0b9f7a708b74a612b729780b454f897f3eb6bc2a56333b16
SHA512722e28b60be4b6f68864323cd331e06caf66e8c1056f9799a418bad712e88c37970badf20af16f6cfdc260e493ad5b89e99eea0b8a4b52d11f3b0d20e27910f1