Analysis
-
max time kernel
139s -
max time network
171s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
20/03/2024, 00:59
General
-
Target
2024-03-20_ecfb09ed92a53465d0b51474944bf2e8_mafia.exe
-
Size
412KB
-
MD5
ecfb09ed92a53465d0b51474944bf2e8
-
SHA1
72ca46b2bac51153497358cad8e592a35c5fcc32
-
SHA256
baca690ddb33cf39bd9873ae1ceb7962d0e427a8434abf8e0b0743f51b243d34
-
SHA512
e65c6b823713ddd1ee36938ced13053e1d1643e7f7bbe0724f2dd4eb513ea6836b051d0977d6fca0d3c62fe991decae96176d3ce27ebea6205a157508d9c7c8e
-
SSDEEP
12288:U6PCrIc9kph5XfFN37IF6c+JsVjZoTWg:U6QIcOh59q0TuNK
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-20_ecfb09ed92a53465d0b51474944bf2e8_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-20_ecfb09ed92a53465d0b51474944bf2e8_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\EFF.tmp"C:\Users\Admin\AppData\Local\Temp\EFF.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-20_ecfb09ed92a53465d0b51474944bf2e8_mafia.exe 965B6E38FC17B54F2ACD461D6B2CD4F8A447FC72521F97D082841730E69D8F1FD9984F56CAC47C741B15B00BA498C5044DB9D4DF98FF334EE0ACAE6A751CF4D42⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5be88c8ecbd18a766f54582c848b0ceb9
SHA1592bf3c7a01d76c881a23c0f080d259675298d22
SHA256c31013bdf2b0559766fc627432f259b44507096979b57b98376710a4519b4270
SHA512313522eb52b342b6caa87d26398e8c532bf13a20aa3fc1c407bdff08f240a3e41c80ce8b34fdb5a325e07a902a6c4b65baa40a0bb2de15687d0b97e1de9fb9c3