Analysis
-
max time kernel
142s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
24/02/2024, 06:41
General
-
Target
2024-02-24_3918cb0db4416c1a633b6683903d05f0_mafia.exe
-
Size
526KB
-
MD5
3918cb0db4416c1a633b6683903d05f0
-
SHA1
112b9ad78ece32641162686fc24f92eb1e91bd60
-
SHA256
7f10749e902b8829df6825663b024b85950128fc963aede7e4f562164b58fbd4
-
SHA512
011b58e36f80e0b362ccf70ae3e5461e910dd3bc17d61101c6a4f9fa40dbd8f47e807d19d443f64049f4c09f91cd839b4ed0671109b23f0ebaa1bb21bfc9b311
-
SSDEEP
12288:z6PCrIc9kph5T95e+rU+zv/6d6Lrr/76ZzoFg5HU4z:z6QIcOh5T9wI/6d6rr76Zzoy50c
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-24_3918cb0db4416c1a633b6683903d05f0_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-24_3918cb0db4416c1a633b6683903d05f0_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\E927.tmp"C:\Users\Admin\AppData\Local\Temp\E927.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-24_3918cb0db4416c1a633b6683903d05f0_mafia.exe B853C0392B20B2959793990AF599C98941600F9285D8F5A10E4514D37ABBB5FD99E676B37CDF0312587871A0B7E6A81E838972A390778BBB10EB2C67B7F5600F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
526KB
MD54758e0377a96074a1676b9e6c55491e6
SHA1e6f0aca73a8ad85d41a59ede3b6a19c287321ff0
SHA256e1982ffaebf2e953625f13787a322f331ae398cceb7394fd5ebc52f58de38328
SHA512c8bf1ea7609f9a71af29b34409795e67f23b4f3cb50de4df311ef00f5cb2533d09aa484e9aa1bddf06dda5d4baf62d9bcf5fab81eaf6b3bc7bcded59c7a96b91