Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
22/02/2024, 15:45
General
-
Target
2024-02-22_9b562ab8ec11b6653a0a11539eb1657a_mafia.exe
-
Size
428KB
-
MD5
9b562ab8ec11b6653a0a11539eb1657a
-
SHA1
da6fcb472fedd110d9b345cff9cb758a9c7bd1d8
-
SHA256
894da66cd7e4f528880c2bcb41826c93c8046bafef6bfc9def8f0aca4ff18513
-
SHA512
4db303a777f87577e9e256fe41d8280f79a3b64cef6333090011f1d2f086506c4679c03a16c81b3a778a80a19913375a4a86b703c91fba749c594ad9935c38c3
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFts+ZK34zOvo9OFTrbvPohI1GyDYL7NMqHR:gZLolhNVyEPiK4kFTrTohADAMqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_9b562ab8ec11b6653a0a11539eb1657a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_9b562ab8ec11b6653a0a11539eb1657a_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4E6E.tmp"C:\Users\Admin\AppData\Local\Temp\4E6E.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-22_9b562ab8ec11b6653a0a11539eb1657a_mafia.exe D033AC55B9F0B410AD5DFE3A2FC61C494D245A40A7229235E091841D564E06A71CD98013A3B4267FFFAC934A90BD1DB3484AA2919C721F38A049F3FD06F8BDE92⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD513f0ea3d69cccf5ea942c6e72801d391
SHA18ede23a6800c39e43802158d2e3379369149deec
SHA2560f15f342767381649870ea01c663263c98a174f34f0f1bae6be1f057c794da77
SHA512d99153f97c2d064954a8b9ba68e74dbfeb0624644c3b621fb4a9a1e09a635572fbff4920d50d5541d58734252bed3b4999b10b442147d15e7bffb2f0207ce4d2