Analysis
-
max time kernel
93s -
max time network
114s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
23/02/2024, 01:33
General
-
Target
2024-02-23_4ab0065af53088f19bd20b6a05da6ecc_mafia.exe
-
Size
384KB
-
MD5
4ab0065af53088f19bd20b6a05da6ecc
-
SHA1
4b53c6a7c5a0a38bf1444b1f6640a8cf817539d3
-
SHA256
dcb9cb3c8a2b5e66d0a362cd14ded53a5b9699290e8996f220ac2081b1a8be1a
-
SHA512
e1801a0570ce2f594c6ea28cd11585663d59ce1d5cee90bc02e4b698c3f4ef73cdf229e064fd8563d31d2ede89974432d283b0551881f66654772968bade68b5
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHaz44fRjSEferSqBWLaE7wNJ8gYjhIfRSsNzWfZ:Zm48gODxbz8z44RuEMS9uCwL8g1SsN2Z
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_4ab0065af53088f19bd20b6a05da6ecc_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_4ab0065af53088f19bd20b6a05da6ecc_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\51C9.tmp"C:\Users\Admin\AppData\Local\Temp\51C9.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-23_4ab0065af53088f19bd20b6a05da6ecc_mafia.exe 35F1D362C497558D9C283E3E1F95D603AC6612C606AACDD4E070380943DA326FFD3BD963732DCF874F5D7E963E196DA14FDF5E7EF1C39739335CBE812F5D3DFE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD57330dac06097a306aef148e9b538e6a3
SHA11f6024298bb9a7c30e6e5a5027d08281515f2403
SHA256c008f813a6f092de1e4351da74713547c390d4465f0e786fb6e157153bef642f
SHA512f3ed8f98d0f7e260d886550f4c07287317ac02a692e8de47e79ccca74858edbbe8970d93fac1317060779e155e0cf26975a1e2d69d9adcd7eff16f4d9fb56902