Overview

overview

7

Static

static

3

2024-01-08...ia.exe

windows7-x64

7

2024-01-08...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    09/01/2024, 06:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-08_f3c7317296f84ba461fd83f6692c1445_mafia.exe

  • Size

    468KB

  • MD5

    f3c7317296f84ba461fd83f6692c1445

  • SHA1

    ba23a5819313a85c28c14406944ce726c2cc8d74

  • SHA256

    3ce6f525ca7f9f26ee1481079f811ef3b4c561b7063a37b0ccab1563a356150d

  • SHA512

    32758c182a45f6aa3fe5875a3d665d001691a675a04ac4a10b221eba18ba63c3abfdebe7c5eab64336c6471279faff3b0540ea6f8d7b0182c3c2dbfae2d3c06e

  • SSDEEP

    12288:qO4rfItL8HGsqqw5XK72MEJDpA0hQxBr7bWmeEVGL:qO4rQtGG5F5Xo2MwDKx5umeEVGL

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-08_f3c7317296f84ba461fd83f6692c1445_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-08_f3c7317296f84ba461fd83f6692c1445_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1900
    • C:\Users\Admin\AppData\Local\Temp\A9B.tmp
      "C:\Users\Admin\AppData\Local\Temp\A9B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-08_f3c7317296f84ba461fd83f6692c1445_mafia.exe 6549FB1933A07BB5F7875FEC90C7E85CFA6C94E984F0ECD37C774AD4DE4BE7B120623B8519347F2525D1350D3B54F13F6A4E37990B72C0208301043B657560E6
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2776

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\A9B.tmp
    Filesize

    16KB

    MD5

    db2a895a0e5ee82336ee29ac70225ded

    SHA1

    30cc94c4b17ae639fd0ad7cc81c67936670e51e4

    SHA256

    8e29c19bb1de3acd754ad4a6b73ca0fc57d70354c9c2ee24f7ca4cb194a909f5

    SHA512

    99986dd9e4c6d583da2c49d0d351a1069420898d12a7189ceb8129b2037a96c73d0d98c5a24e57cdfc622749e5908bfd7fe649ed6cd3a62023eea79c4fc89eda

    Download Submit

  • \Users\Admin\AppData\Local\Temp\A9B.tmp
    Filesize

    4KB

    MD5

    32116321349daabbff4dd03cf6a1069a

    SHA1

    df15a51dd5804a868b4f9e48b232cf68c11111c0

    SHA256

    94f2bf8598bea0ae23f95b53426d1d9fc1c7622593797323cc3eb73fd3001d8f

    SHA512

    5dbbb1da7f235e022c04a06e5193a470f98a8e282096e30d1f50bc74c80364df4b5d939d11af183f0fc5d9763ad59fb9b07b0c8c03086d6e927a90288df96b67

    Download Submit