Analysis
-
max time kernel
150s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
22-02-2024 07:24
General
-
Target
2024-02-22_0b6be5ce523ed4cdbfa0514d51940f33_mafia.exe
-
Size
384KB
-
MD5
0b6be5ce523ed4cdbfa0514d51940f33
-
SHA1
acc105ddd5e4f86f61b55285af928c0442ed9885
-
SHA256
08699996b1355efaa1c401b31a09c7b91acf20dbc930a351fcd8e277879b92ba
-
SHA512
0617db93b8fb7d93af23768ba38c90e31c54c160959131b3634d556926a7e093608bc7ad00dea4e079ddfa3b2156412d959e7ba209cb0a3087628a8ddf3be369
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHfH4/IRXKB2cnI6Mr0u4FpF+/dHmb32WGR81TZ:Zm48gODxbzl4/QKB2SIAFD4dGb37jTZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_0b6be5ce523ed4cdbfa0514d51940f33_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_0b6be5ce523ed4cdbfa0514d51940f33_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4527.tmp"C:\Users\Admin\AppData\Local\Temp\4527.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-22_0b6be5ce523ed4cdbfa0514d51940f33_mafia.exe 31A85E81F9B97B8C0AC038780EC38E23756087D47962BDF55EE1D083CA7EBC82D029DD8550F6E104359ED4767CCF187C3B81DDBCE1F748E6B218EAE2ED2BB03F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5fe4445d18866f0db600cb25af678aa11
SHA1c4f7b539a3b3f1666860b9ebf88d0527cfd4f0a2
SHA256a8d679918216acf743bc85ce92e06804f051b3c16640c5ac18bea068d0bc1dc9
SHA51227e1d8066cdc8add2f5d7b76641e31a3b902c25988ee57ae4bd4ff26eb232b03e4bbe24bd7eb5e907cce0e2e7b2f8f24784da36c11c6754ef65eeeef7221292c