Overview

overview

7

Static

static

3

2024-01-01...ia.exe

windows7-x64

7

2024-01-01...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    05/01/2024, 05:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-01_4c9373ef6f05f3da783d816ab973e71b_mafia.exe

  • Size

    499KB

  • MD5

    4c9373ef6f05f3da783d816ab973e71b

  • SHA1

    e14676cd197f9404d6d4f1e1f8f214469aa06d7a

  • SHA256

    417550bed9c3e3adffdbf39b299671d385d04792b4729b1b8b7cf0ff9c7349df

  • SHA512

    6d971d72c0a56c1abe847dbf19958888cc417a179b0c9363c855038579ed3b32721fc120dc4af3e1731f04439adb1257fc0b8abb9b3d8434549494461770f21e

  • SSDEEP

    12288:sO4rfItL8HPoa0pWv/8KpFFPLYob6lC7dmsIhiqlj:sO4rQtGPoHpajYG2CAsIhiqlj

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\B08.tmp
    "C:\Users\Admin\AppData\Local\Temp\B08.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-01_4c9373ef6f05f3da783d816ab973e71b_mafia.exe 2E2F8CFA79A8E648052E6BCBFB82F566513178118F662E7C9A913D6A59CE6527DA39B593B9DA18CF10480B3CC0C2671DD334AE48324718BED902D289745CCB07
    1⤵
    • Deletes itself
    • Executes dropped EXE
    PID:1828
  • C:\Users\Admin\AppData\Local\Temp\2024-01-01_4c9373ef6f05f3da783d816ab973e71b_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-01_4c9373ef6f05f3da783d816ab973e71b_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2228

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\B08.tmp
    Filesize

    1KB

    MD5

    e542eed10aef055375444610a8291b02

    SHA1

    87bccfa871b2db6a397f60fe8267f3a74d1b249d

    SHA256

    0bf3af6ef6e994cbaae4cfc52a99c6cc89e7a2159bb833164ec491c7e769e907

    SHA512

    c58ad345fbacbfbd55fd5377ddadd53e36d1305138759a309510856da42c0191d4a82504ca467c67c3edd2347c7043f7b84f20a8038b14975a10524c29ca9420

    Download Submit

  • \Users\Admin\AppData\Local\Temp\B08.tmp
    Filesize

    8KB

    MD5

    4ff54a927898af8be5f6b085e2d24a0a

    SHA1

    47f670267562da910157a9e8f34613a1b1b13e52

    SHA256

    5312e3d0c66563c2450d43bb0c01bd11a4ea223d1d287e40b6810b440d98972a

    SHA512

    e6c9afdbd690313e90ed7e82f4a020361a5e8dc753119eb6dd28f573134603f2b091d1658a155d7686c68e6a0e6f4772fd96ff00905d7a936ae49b7ee7b58efb

    Download Submit