Analysis
-
max time kernel
149s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
12/03/2024, 15:28
General
-
Target
2024-03-12_2ea3c0d611aa44f6b9407ad1a0439e97_mafia.exe
-
Size
384KB
-
MD5
2ea3c0d611aa44f6b9407ad1a0439e97
-
SHA1
e968cc550346fc931df6eb00d40d7a63a538f6cb
-
SHA256
4827bc2630f444b12b82cee8c95872498af16fad2aae4d43dda0a3b4ac19363a
-
SHA512
32d40afc24334832ec1da0af32b60dd61ef9de3da5566edd921a21b8a245963249cf271ff3789bb2e7d13cfd5226ec7e3058e1398731a9898cc4e058ca021661
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hH1ApJtGoyG8oDbucTfptZs5gzAYX6LhCOuCINZ:Zm48gODxbz0pJtGXG8AbucTfptZnAYG
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-12_2ea3c0d611aa44f6b9407ad1a0439e97_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-12_2ea3c0d611aa44f6b9407ad1a0439e97_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\324B.tmp"C:\Users\Admin\AppData\Local\Temp\324B.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-12_2ea3c0d611aa44f6b9407ad1a0439e97_mafia.exe 7D78C50892197506764056EF0DA6EFA62C2CFDA527181E14F64DCBCB456331E0F6FE830F21286435C83865FB95E75667C043DCB85B967DFFBF4BC45881638D052⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD59e494e3d581ad46335a5d89561ff9b5c
SHA10e57a859e9d34d8dccfad318447a2a87bc1ed76d
SHA2560f24824c35f2dd1d8c56f0def46d1b3ca6756ff32a4efde1a097aaa9936d9d3c
SHA512ddabb7279be80b0d2136bc2a1859b531f079f5e70010dc1bc55f00fd330fb7f56f1907f048be51bed2410466dd35e96be617b36baede83636049716a28b263b7