Analysis
-
max time kernel
131s -
max time network
129s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
16-03-2024 04:04
General
-
Target
2024-03-16_0277ef76bde66cbe9e82c17f7fc65b0b_mafia.exe
-
Size
428KB
-
MD5
0277ef76bde66cbe9e82c17f7fc65b0b
-
SHA1
4768f51fec7f338ada4dbb8bafc57a8a0d7c5ffd
-
SHA256
0e5c45f70f93df07494d1e6ad56a1b587c18c1f6e136fc7678305f1d8ecd9e90
-
SHA512
57a99488850ec06dfd70ea54ca2ee674ab0e6232172d2d8f8da3ce16f20dca27301cd2979673c113a6cfb5eb4cdfaecb2a2f2bb0e9d2c4129f47402c52539fc3
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFeVefItXMETvfKroHIvo3B8Mw+af/E/XPyqHR:gZLolhNVyEjAIeUvAQR8Mw+JXyqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-16_0277ef76bde66cbe9e82c17f7fc65b0b_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-16_0277ef76bde66cbe9e82c17f7fc65b0b_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3A59.tmp"C:\Users\Admin\AppData\Local\Temp\3A59.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-16_0277ef76bde66cbe9e82c17f7fc65b0b_mafia.exe C214C9BD06F58BC1A682474B0B08DF0E6532BC181147E43A9C2CF0B4AECD1AAD190E1F4AB7E8E5DA838CAE33EA768D5764861D6E90BE5409ECF049AE3BC05E6D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD57fd9d8cb914137ab6bd006dec0cadd92
SHA1437c6d1bee63f8151a8fe94d23477b58eb77a742
SHA2562d7ede3aa8c0b8be9dda0be29fa51a44bd4a9814283240f8668aa60b985beb4e
SHA512e5cc7f513d11649ff6a9c11ff327a065ff531e1b0b10fe277315f0e1d0f91f6b137f3d800260d3e77d27853ab496f72e3e0f34bfefbb88bf1e67ba6d3be958da