Overview

overview

7

Static

static

3

2024-01-08...ia.exe

windows7-x64

7

2024-01-08...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    09/01/2024, 06:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-08_508babc88101fcc4e8680b8e90d9138a_mafia.exe

  • Size

    433KB

  • MD5

    508babc88101fcc4e8680b8e90d9138a

  • SHA1

    27c91625212e1afd4c4b4cef45c295c4c0b5067b

  • SHA256

    1a15c538c5d9c0d0be23ed609d5386d545b0c78b2ac7c2b083f9b5617de69a27

  • SHA512

    9b51aa9323cfa4549604983270e7bce3092ba0e407d3ffbcfdcddd6a6a9c03f34855c58bf9b0b6dfc3d6bd34347148ccfd3802fdeddd7f682275924701e5f2dd

  • SSDEEP

    12288:Ci4g+yU+0pAiv+NtlS5NO3dxLiYLmWExzvn:Ci4gXn0pD+Nie3dxLpo

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\10D2.tmp
    "C:\Users\Admin\AppData\Local\Temp\10D2.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-08_508babc88101fcc4e8680b8e90d9138a_mafia.exe E8BFA4B95D8AC8788E4C4317E7B21AA95B6D82CD5E016A49A0410BAC7B2B2136219F02DAB80A6BB5AF6782881CB74DAB94265F5DA1A8BA92354B7D3A13A4D92D
    1⤵
    • Deletes itself
    • Executes dropped EXE
    PID:3044
  • C:\Users\Admin\AppData\Local\Temp\2024-01-08_508babc88101fcc4e8680b8e90d9138a_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-08_508babc88101fcc4e8680b8e90d9138a_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2364

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\10D2.tmp
    Filesize

    32KB

    MD5

    04be338a21b7951933f66df3ca0a2fa2

    SHA1

    f6b6de2d3daeb346ec3cf608c2cbf6391362e9a2

    SHA256

    7f8470a88185f82c14d3d270c1f6958b122093e2e83fce4711ec91e599941a2e

    SHA512

    8cef8fee99330302223695f9485221b362c56b387537c821e8cdeda59b0d5a2061434c4d5db196501ab4f9cbb04a9ead5d4fdae0e6d84fb45dbbd15b4aeaf31b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\10D2.tmp
    Filesize

    433KB

    MD5

    ce1cad4ea7f048f00fcfa29d82629af6

    SHA1

    a9eb2f31045552bcec01f644ca38e8f34118cda1

    SHA256

    46b4e92662fe909157d779d1b4536837ddc955f7fc3fd7a35b4f73be9812a41c

    SHA512

    7d78a6d6a43a9d4e003d81acc21798c54ee0994ebdc5dd74cd7507d0e2420ca47a57640f4ef8118ef827bbee82ba40cebc3466980271cb7d6942006b95a2db32

    Download Submit