Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
22/02/2024, 05:36
General
-
Target
2024-02-22_466272caac45108e82fdd147939df345_mafia.exe
-
Size
384KB
-
MD5
466272caac45108e82fdd147939df345
-
SHA1
56a2f6113130e335388fd572be776a2fd26a1b65
-
SHA256
9fb61049ac4b2637e365d4df86032456c3dfb8cefb297fb16c6a0dc276564685
-
SHA512
fa18edea8f16f892f5da577fb77e56440bc8b5e67fe2c5f3d1c4b6e262e67e60d5c4c68d3c03d9e05355c9cc12b12db4830b50855226883f687f896ed5f2222b
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHV2rEFupM94j/sJx9cUu/eU8+KPWFn3Z:Zm48gODxbzLhFupMaCjcX7sWF3Z
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_466272caac45108e82fdd147939df345_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_466272caac45108e82fdd147939df345_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4611.tmp"C:\Users\Admin\AppData\Local\Temp\4611.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-22_466272caac45108e82fdd147939df345_mafia.exe 62BFE9BCEB398C2A7B68E8FA06EDF3CA5144B4255D841B2A16D874A6FE8139963D41BF0DE354F0A67805AA506BDB4566D41C0F8A7ED50B196E524D13D9FE03872⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD503c57e3cd4682c3df6c1f2dd967f06aa
SHA128e05397e37b7889792308916c06c14eb1fd064d
SHA2561f39b8117d8393adea5b457ea0fab627452d8660bafed48f2950a88e2511934c
SHA51234a446ef3ba1168219f9f3bbc294021928ba8dd8936d63cf909e3cdc5e0e8adbd58f96d380c8b0249bdd95be02c28b6009426154d942df61453dc5d2e469eb78