Overview

overview

7

Static

static

3

2024-01-06...ia.exe

windows7-x64

7

2024-01-06...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    07/01/2024, 12:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-06_3d46e6b174b580569583b49944b6b202_mafia.exe

  • Size

    414KB

  • MD5

    3d46e6b174b580569583b49944b6b202

  • SHA1

    405eb4344f28e111dd89e9869d04564122040a6b

  • SHA256

    01b7ba108918070193a20d9c9a6d544d522c367773222125fc6bb7bdd59e162d

  • SHA512

    f4230f597460064937c4790bbc66f0ce85f81c0ea9299821dceba17a33d789e610904417954e4bdf402e5785196918c543dec1b9457355fef1aa9d2c18a65371

  • SSDEEP

    12288:Wq4w/ekieZgU6mrPEQCutuJJP4fYvKdbHIlx:Wq4w/ekieH6mPTCutuJJgfYSmr

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-06_3d46e6b174b580569583b49944b6b202_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-06_3d46e6b174b580569583b49944b6b202_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2892
    • C:\Users\Admin\AppData\Local\Temp\619.tmp
      "C:\Users\Admin\AppData\Local\Temp\619.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-06_3d46e6b174b580569583b49944b6b202_mafia.exe 86FB1915549FA59D61E19772D7402721897EA21E8A60B32F3CDFEB9849AEB2F13BBFE5997B3311DF4385D44A48DE755F616CE3929B5E2CED5BE898DCD1F74C90
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2784

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\619.tmp
          Filesize

          92KB

          MD5

          e834545be73254c8db0fd3787c810427

          SHA1

          3a4862db7caf1d3fb85eed534b99584b906165ba

          SHA256

          ee52e1896adf73f739a0dfc4b940dc5e765a3da236ba28e6c29cc6252379bf85

          SHA512

          f7b1a2f8c322b0224d8b9fedb69352569942165f503b42cd40d697347b1aed4f6a8d6da92fcf19f360cc5ebcd34f4346a8e567b64bf66de0e507a8903ffbb2ec

          Download Submit