Analysis
-
max time kernel
146s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
23-02-2024 19:51
General
-
Target
2024-02-23_8aeacfff182f4b5b47962de9604e7e65_mafia.exe
-
Size
411KB
-
MD5
8aeacfff182f4b5b47962de9604e7e65
-
SHA1
d4fd82143a6a166f795d89f13203397879268d59
-
SHA256
e5006bb3119a45dc698adf2f7f324f6df32bcd1e33ae62ea1649815e76c46ee8
-
SHA512
614740c9699fbeff4103dfb5d023c692db0a9ca19329650267281b74c2c7eb7f785ef0e47822a281cd6abe6c91dc6436907a7c0d1e1052aaacffc2d0766ced66
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFE/JWIJJ8il1woWAjz5mNeQJP+CnBfxqHI:gZLolhNVyElgIdl1wo5jVmUQJP+CqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-23_8aeacfff182f4b5b47962de9604e7e65_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-23_8aeacfff182f4b5b47962de9604e7e65_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\AB05.tmp"C:\Users\Admin\AppData\Local\Temp\AB05.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-23_8aeacfff182f4b5b47962de9604e7e65_mafia.exe 0D2AFFC8A2DD72298ABA74B5B862A7078775A6ED0A39000968202B177C921CDE6B50F41035C3FB52C1835435F9C38EF8798435BF9393E236D74CDF804F34ACB82⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD575a535991da25cbadf59fbc167503d90
SHA1f667ec35fb8392ecf5d72ee77a0eaeaf8a1ce4bd
SHA256f1f4670f5eb388004cb32cf8ccbce2c484185b9dc05da8a219fdb73ef7ca8ad4
SHA51237e663df8c346f0ff90a46c5a7beda9f7643b8be4014e2e5b928a8b4a0a46ead021270106fdc19d9996e339df949a11424446d95f463103f2bc0c6a4ddb437aa