Overview

overview

7

Static

static

3

2024-01-08...ia.exe

windows7-x64

7

2024-01-08...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    09-01-2024 06:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-08_b4704787e0ab8908d4c69b103353e10e_mafia.exe

  • Size

    479KB

  • MD5

    b4704787e0ab8908d4c69b103353e10e

  • SHA1

    4c3bfb1aec9c0f7f79e3bf2f69c1097357ec8c86

  • SHA256

    fb70c8d1f805d6c4be8c889d5e52443d243efd67e37acbb7e45fe0cf02b46888

  • SHA512

    091fc4a4ef2d53935a2cf812fba670028c92e35a471d4a9d7410e8f4c47e805836d702d144f02c60f31fa28ccc317a3f2f2a5cd0c431e99f38970653c5553f65

  • SSDEEP

    12288:bO4rfItL8HA65duH7rikUVOt3vzYWrzblgUng75UO:bO4rQtGAYubrNzYWrnlgUgVUO

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\A3E.tmp
    "C:\Users\Admin\AppData\Local\Temp\A3E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-08_b4704787e0ab8908d4c69b103353e10e_mafia.exe C4B1EAE7002D1CE9637DABCCBEE11A2C8B29E994028DC8B6F8EBFA11EA94E9FC4D7280976B3019B52B8E0CDE504EBB38EDF2B73F9ACD5F994B0CF0CFBF11CE13
    1⤵
    • Deletes itself
    • Executes dropped EXE
    PID:2308
  • C:\Users\Admin\AppData\Local\Temp\2024-01-08_b4704787e0ab8908d4c69b103353e10e_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-08_b4704787e0ab8908d4c69b103353e10e_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2800

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\A3E.tmp
    Filesize

    75KB

    MD5

    44da47e7b44d3e44002ea8a194cf094e

    SHA1

    96ccb3eaf74a07fde92224bc741526a57a8fb747

    SHA256

    e7fda10ca30be811291a4315d20d39cc9cb28ca827bb89677fc7213fba4ea2a1

    SHA512

    e468b96d92dc02d3f09009d3e66ec861f67f4dc59d95926341fa89fc1dec7c4ee2be6f1064cc4745f8fae20dc6836faf933eddd3d67d70083a906e1ed1bd0ce7

    Download Submit

  • \Users\Admin\AppData\Local\Temp\A3E.tmp
    Filesize

    29KB

    MD5

    4b588df3aef8ff840f2352033945fe4b

    SHA1

    ef5c628a6a7f1550f71e7aa3670853cf75220ab2

    SHA256

    54c6beb80281ed8b26837e5a89811eb68cecff55eecf986ffbf172e3aae98626

    SHA512

    75020a1a275adda51702ee02e78073127be4efd06900e3feb5ced0263032bc39c3931b951aa84bb269237297492cf0f29dbdf98a6e3d84bd08d9b978a77dcdc4

    Download Submit