Analysis
-
max time kernel
150s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
09/03/2024, 21:53
General
-
Target
2024-03-09_cba4dfdda2254c96f0241bd57b63b10b_mafia.exe
-
Size
412KB
-
MD5
cba4dfdda2254c96f0241bd57b63b10b
-
SHA1
f90ec2a3ba58186947d8f0b2560093116f5f4f1c
-
SHA256
44c6760b7f283c943150e9ec80759ee5159a3a5bb7190ebc8deca0ac817af4db
-
SHA512
08e7583aecb6166a4687b0f20089b24d563c55c7d285befa431394c58692acf89a2bdff27229ed4b326e507a15bd6e6bd15b666f10551b92aa3f9fb0375a421e
-
SSDEEP
6144:UooTAQjKG3wDGAeIc9kphIoDZnzFyUfWuF496uJon6OfCKvyMBpGZJOdP:U6PCrIc9kph5hOuF4Jox6KvyMKjOV
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-09_cba4dfdda2254c96f0241bd57b63b10b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-09_cba4dfdda2254c96f0241bd57b63b10b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\510E.tmp"C:\Users\Admin\AppData\Local\Temp\510E.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-09_cba4dfdda2254c96f0241bd57b63b10b_mafia.exe 6FEFF5F09C11AA46D8FC140BE1EC536A6D6B5BE6F219F9C522F52ACA76FA7CEE1A2DFC86B1830675D81960876184F972E91A339ABB7EA140A25AF4C3AF8C56C32⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD55fcbac3121df935e0eb191398ccb7570
SHA1e5dbe8ec05b330ca11e16b601bcbb58f8fbc1233
SHA25626047109ec9c871b83995cf19cef34489a56e7daed71bd1431625e6eb12b608a
SHA512a08a3152ac9ab345fd08b87bb3efb607ae8eb00b5b4f9e06d3c27716d4823964c763be9634b4d8016edcce1773f57fdaad5330afdb947904d2f284998b81a122