Overview

overview

7

Static

static

3

2024-01-08...ia.exe

windows7-x64

7

2024-01-08...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    163s
  • max time network
    116s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-01-2024 06:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-08_b4704787e0ab8908d4c69b103353e10e_mafia.exe

  • Size

    479KB

  • MD5

    b4704787e0ab8908d4c69b103353e10e

  • SHA1

    4c3bfb1aec9c0f7f79e3bf2f69c1097357ec8c86

  • SHA256

    fb70c8d1f805d6c4be8c889d5e52443d243efd67e37acbb7e45fe0cf02b46888

  • SHA512

    091fc4a4ef2d53935a2cf812fba670028c92e35a471d4a9d7410e8f4c47e805836d702d144f02c60f31fa28ccc317a3f2f2a5cd0c431e99f38970653c5553f65

  • SSDEEP

    12288:bO4rfItL8HA65duH7rikUVOt3vzYWrzblgUng75UO:bO4rQtGAYubrNzYWrnlgUgVUO

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-08_b4704787e0ab8908d4c69b103353e10e_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-08_b4704787e0ab8908d4c69b103353e10e_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4352
    • C:\Users\Admin\AppData\Local\Temp\B7F6.tmp
      "C:\Users\Admin\AppData\Local\Temp\B7F6.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-08_b4704787e0ab8908d4c69b103353e10e_mafia.exe C30F3C2B558594AF7C01A8E7BA6EFF8D7E6A8826F304E4F1ED35753EC3A7F4712AB18F6794678BFD1E110236A9EA890039660D9DDABDE05663DEE2B3BA3274C6
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3624

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\B7F6.tmp
    Filesize

    130KB

    MD5

    a0f4c547b9e41718d177e856e8aeac01

    SHA1

    35f597aa8da0ad954d9aca9978568c30abaa12c4

    SHA256

    453c116eb747e7cde165122f741c19db49be676ec60f484415e2c78083de70eb

    SHA512

    39bed84d0adac1e0e5e47e23863b75e8cec5645e8a46e3610a8154060b40c2418bbecfd7a4f336e11e064fc628e1d5d1295280a2f5c9d2ef412faa6d8ef5047b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\B7F6.tmp
    Filesize

    180KB

    MD5

    1728275d54d2414f1a9450635d3667e4

    SHA1

    e46230ee08d6fa57445cc982918b96d7c70762d9

    SHA256

    47f2ad79ed19426d15f3425e7649264c75915126c5a6c7d9b829456fbba3390a

    SHA512

    6370c43a8b4541e85e3e9f7a9f1cd54d3aeaa94fdb880d1103e18a17dc0b593d338a4bd762551cc06538ed19d72646e3863bd70b55097680bbd0449ffa3cc522

    Download Submit