Analysis
-
max time kernel
143s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
23-02-2024 04:52
General
-
Target
2024-02-23_8d70008be78464f2b5566b2ae037fff3_mafia.exe
-
Size
411KB
-
MD5
8d70008be78464f2b5566b2ae037fff3
-
SHA1
a3570ea536181879d14e4dc91250a227c59e89cd
-
SHA256
06cbffbff2061457f202150f74f640c6dd06340579d4d0e41a1e56aab66a9409
-
SHA512
5a440e5f35ea04c4a6c4c652e4e77d20e735b6c9611c4ecdcea713381b1933b2203fc8b99c6866ebc2cffdef7293fc815072fe25a294b40fbe1e3becf8c52439
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFIF7s7f5jcfeW6pVKMkmIsLOvkI3CCYO59BqHI:gZLolhNVyEj65tKmIsLOlC0BqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_8d70008be78464f2b5566b2ae037fff3_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_8d70008be78464f2b5566b2ae037fff3_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\F666.tmp"C:\Users\Admin\AppData\Local\Temp\F666.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-23_8d70008be78464f2b5566b2ae037fff3_mafia.exe 946DF48378D6AEAB75B72A5D1834402E61BA212BD9998606058202D5AF1D1A712B12AA0BDC416B01EAF4B899C013DEED88FC1EDA443F3D9276A0CC43C052AC1C2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD574ccb81798ba65a763f9f9c8e573622c
SHA1be70fd1c52176132bca64e3f1a7be4c819ea5168
SHA2568d4f5778bae28f2e1d1fc31db156600f620cba4d789b0404460992196d6d5e95
SHA512a1497075c0b85da416130ec47d96ec6dc7eda4f40b7ba40fe3a734042e1e91c0e3f78917b7305589f5a01d5b4460eebf8fd13709fe2b8e7ae83774529c8df057