Analysis
-
max time kernel
147s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
28/02/2024, 05:30
General
-
Target
2024-02-28_c60b1e557f23093aae630b9a9aefbdb8_mafia.exe
-
Size
412KB
-
MD5
c60b1e557f23093aae630b9a9aefbdb8
-
SHA1
f5b605e49a426a5215107ca21b66e30c4633cb22
-
SHA256
5269b3459fbc77a4efd0b470ac0dc536eac9fc96442d1b036d5baee49c72e84c
-
SHA512
15bc1cbfbcfe9b6c0401cca5f6433f7d0b4a03f813de220b6f5a03183534a03d83ef616277eec76639ec32da82e3014c88f90865b1556f5c7f0444d46f4831f3
-
SSDEEP
12288:U6PCrIc9kph5pB3uSKzvse0na9D3Fvkaw:U6QIcOh5psfQeQARk
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_c60b1e557f23093aae630b9a9aefbdb8_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_c60b1e557f23093aae630b9a9aefbdb8_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\63BB.tmp"C:\Users\Admin\AppData\Local\Temp\63BB.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-28_c60b1e557f23093aae630b9a9aefbdb8_mafia.exe D2EB9D9B6DE63849615426E026A8F71FBCE75B9302FF9FF76F7DCE31A9E140FD858ED84A0FD6434C1365EEBE969FD278B77E0F0B787E04B2F0FDCB8DC6F386982⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5190e45afc87e49377749be966783a1fb
SHA15e13b43c1a67d35ed5115fac5fe114b04c0889c4
SHA2561214a26c6c6ad1b7b6cfccaccd41ac9f03fb7caabc7314e9261eb69025d66765
SHA51223d597beb09aa74ca75163fea0bb2ab88ac3e685c03b11cc45ecb50e808a62998986cdc207d3dd9ec6bfeb2ba1a6c5f82a8a7116f759217fba2477509b189af8