Analysis
-
max time kernel
91s -
max time network
118s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
24-02-2024 03:50
General
-
Target
2024-02-24_ceadfd27c290d30eddf57eac559de5fa_mafia.exe
-
Size
384KB
-
MD5
ceadfd27c290d30eddf57eac559de5fa
-
SHA1
d5d7c0666f4f7c79050328a814e7502013756a8e
-
SHA256
b94dc65726855a5a0470c95cb4a03dfcec69ba677ca7b6e2da74b53b01afe37e
-
SHA512
95f38a95acac3eb440a16b12f33ae23f4b1d7e414b88ddf84aad527a2f5cb1a3366e5ab13a8bcfe32b448b129df5482bc9bc1cc0ec5a864a2f26e1d0cd38054e
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHws8F8lLhRaQuF6nhiieVULq6Iq6udZ:Zm48gODxbzo89hRaQuFhLF5AZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-24_ceadfd27c290d30eddf57eac559de5fa_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-24_ceadfd27c290d30eddf57eac559de5fa_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\31BE.tmp"C:\Users\Admin\AppData\Local\Temp\31BE.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-24_ceadfd27c290d30eddf57eac559de5fa_mafia.exe 44E2CF8878AC5C439FDD61E25CA7DF5762728F698FDB0110BE3C3C1CC0483F5E0273AF15616D87FA6C0F087838BE76A810E31EA699F2749007D5E0202AA553162⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD552317f1ddf5029bd9cf352b977c9cfee
SHA15bc9e7950bf3ab63b6a4b976eefc1eabba2c6558
SHA2566a63a1f896cfe71fc2bca81fa5d4af06691cb4c49e155183825d1f7df61d243c
SHA512dbd2668f4fa431b4be362fbcfb285ffa6e7ba81a7bab67e1b075f2aaa6025e1712666f5e38a344e7344cbf2ba9712aa428cafd1b5d038d36e2db3111dd0bb9ab