Analysis
-
max time kernel
147s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
28-02-2024 12:43
General
-
Target
2024-02-28_c756430cd9fb634942567260ba1d143a_mafia.exe
-
Size
411KB
-
MD5
c756430cd9fb634942567260ba1d143a
-
SHA1
14aebf8b453416826e968dad004892b85ee159d6
-
SHA256
a795d2958f8f7d99124d2fe89fc0bf445d04bc6541de50e86927e09be07f343e
-
SHA512
9f9ab6622ecce03e5973d6215babc622d3e0f13e3391c505802b3218200c426b942a9daa0e7c6e06dfd67c8d471ed81ba9ea09e0735dd1a5d3dde84b04f6c683
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mF3FbtVqD5cYRY5j65r0Mp3qHI:gZLolhNVyE80DTRY5eZ0oqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_c756430cd9fb634942567260ba1d143a_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_c756430cd9fb634942567260ba1d143a_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\9E92.tmp"C:\Users\Admin\AppData\Local\Temp\9E92.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-28_c756430cd9fb634942567260ba1d143a_mafia.exe E5C1BBA9A4CAC978CC060E2D4CB422A0AA958538CFFC0C427446E8F9EC597CFC90157613544C02084F853936CBCB608568DAEBF1F12BBF63764E686B4F31F2332⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD5ca49eefbe67650fc58217188fbe6197c
SHA1635287f4f691df2124a55af48b50ff0accb13bfc
SHA256c6a25f5a0cad3bcd95083215864c13eef76c3f4d6fc805ca6684740a4bc786b4
SHA512c72c5717a0bcdb05921c3ce0fdc15c255bacdf0ec5c879e9a30dfb10360af0be4c68444c1e2e1d3008ee21f1f30095b1ee986afe09c9c16a0bff0430e04712af