Analysis
-
max time kernel
148s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
14/03/2024, 00:47
General
-
Target
2024-03-14_c2ef6b0e4083707d8030fe454c3a79db_mafia.exe
-
Size
411KB
-
MD5
c2ef6b0e4083707d8030fe454c3a79db
-
SHA1
4c9625c7063c52eb8652ed60d1fb60b2320050f8
-
SHA256
7f1bc53b90d12d03f722a115c1400dbbe1126a81017fddf3cd69c1c4f76c1260
-
SHA512
1dc785c78d01d3ec20cfb394c0f1e8ba63944524e4b8c9ccae72c0ea55ff39ebdca3b66b320907177a33deab4e1a8750f7df94be329c7701d66855b996231d9c
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFr2D8Vcw+8K6IWotDpk7h8qNhHxyw/gnP5D3sqHI:gZLolhNVyE9D8VcvtDpo7zzqHI
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-14_c2ef6b0e4083707d8030fe454c3a79db_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-14_c2ef6b0e4083707d8030fe454c3a79db_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\807A.tmp"C:\Users\Admin\AppData\Local\Temp\807A.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-14_c2ef6b0e4083707d8030fe454c3a79db_mafia.exe 1F6223CB8246CDBFA82787EC3809B8A53B250F26EF7F19F5EC013B73D4EC181726E03B0CFD7EA3868D02BA28920924992C52B76AED2F746D4B83110BDB8753302⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
411KB
MD552c8f9d717e788317354726c910f1219
SHA167cd16d367aed2f3804354ed2dffa54e66588463
SHA2562feb5f7d8243f7a6a40a32ee4e8389a8d91793895d050e0043f38e9c61675d53
SHA5128a936c5d671ec3f8bd5c988f56144b8fb2d99fcb7766258f62abe57e7ea5d0f5676f50c53f7466a1dead6162c25c59676506453dce8cf9ac78cf6e7c7b6be778