Overview

overview

7

Static

static

3

2024-01-08...ia.exe

windows7-x64

7

2024-01-08...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    09/01/2024, 06:36

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-08_0a4114f4675f5eea2b853daf590770de_mafia.exe

  • Size

    479KB

  • MD5

    0a4114f4675f5eea2b853daf590770de

  • SHA1

    16d65118e76977e99ef29e097903d8db5610996e

  • SHA256

    4eea2a57b8a0bf53ab73a52a011a3df523ea0540c0b90eb416dfc4bf44f2b3fc

  • SHA512

    ace415fb21fbe5eda50c5053968caad064ef9fca86469fcc3d9a86e7d4de39c6108f7d41c9cfb7ca52e4cb0b74912a73699241bb2cf595bbc7db4f90b476b280

  • SSDEEP

    12288:bO4rfItL8HA6DnGBypX9SG3RzpaEZ165J3eMmV75UO:bO4rQtGA6DKyNcGh0AVVUO

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-08_0a4114f4675f5eea2b853daf590770de_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-08_0a4114f4675f5eea2b853daf590770de_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2092
    • C:\Users\Admin\AppData\Local\Temp\F6C.tmp
      "C:\Users\Admin\AppData\Local\Temp\F6C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-08_0a4114f4675f5eea2b853daf590770de_mafia.exe CEDD5A541F855E8B04B0F8AA1E954E86C4A64813F70848BB7160C4EDB477FB41663F3CBB6B34E1C99BC2FA112E3AE8F7BA7CE7CA14C4B227A7F6F09E466850F4
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1204

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\F6C.tmp
          Filesize

          9KB

          MD5

          8780376373c4e7aa9ccdc5ebac8fa86f

          SHA1

          a7112f04766600e52ea7ae611776f377df508970

          SHA256

          c7081d712b2d6c685f10399a1609e0bd290e5590d0c7168d63feab1ea4b1f5ad

          SHA512

          6293962bf5770de1f0cb12327bb8ebb9eb520fb9e83242c4903a93fc77a5c30459b5c6fb6a2347ea2ab4b1b059024aab7a48272fe5dbf34feb78b6b4013de5ea

          Download Submit