Analysis
-
max time kernel
147s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
24/02/2024, 13:26
General
-
Target
2024-02-24_123840ff07ef7909bba56741ea434650_mafia.exe
-
Size
412KB
-
MD5
123840ff07ef7909bba56741ea434650
-
SHA1
51a292f17578d166c0fef05f448e2e374a448232
-
SHA256
f31cdfea5ba9eae088e035dc8e3042779d49ec4de94941856a559a081f0d53f7
-
SHA512
650311205c6a26584a8fc5f1223f3470780fb47ffead939e9d61a0c10219d1ab5bdc5df0c21a008db94e9362bfcc30de6cf67f889ca9324d488488aa1598cd74
-
SSDEEP
6144:UooTAQjKG3wDGAeIc9kphIoDZndpsiDL5NlN5NQaSfhqFyg79564C33P:U6PCrIc9kph5f5H7lNpMh+yg79U4C3f
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-24_123840ff07ef7909bba56741ea434650_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-24_123840ff07ef7909bba56741ea434650_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5E6C.tmp"C:\Users\Admin\AppData\Local\Temp\5E6C.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-24_123840ff07ef7909bba56741ea434650_mafia.exe D8505553A23FABE49CBC8E111AE34A839032B6709A214D225564221FEAC8B9B09EE0FF171E554D9B515C8985931057BE05234AF81C6380A250F3EB56A64992AE2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5ca7b511115fa247bd809c4afcd57df35
SHA1fca6e45340794518f0f952dafeb2b94241120b08
SHA2566713d5fbaff3e8b6439ced1027619972852cc1f1a571d604279f470c4df72d4a
SHA5129956cccbcbe2ddf97bb89e214dae285a524208155ad9bbfa70539510283b69207d2a0e908073b37713f5052879036a553cfbba46c4edccb4f02f56ab2f76b132