Overview

overview

7

Static

static

3

2024-01-09...ia.exe

windows7-x64

7

2024-01-09...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10/01/2024, 05:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-09_1175884eedbe00a051169480e655e2b4_mafia.exe

  • Size

    444KB

  • MD5

    1175884eedbe00a051169480e655e2b4

  • SHA1

    c9ac37de0c50e0d255c4aeec5999c100824d73b6

  • SHA256

    300d468e249d43b0000f96f26c74294de94ef1287eb1edfc620bd5318b46d449

  • SHA512

    ed2838e564c2b71888ff238a7234397c1829b2e9a31232bd9cf4eb3be6e96464ae45724a84597698d8d1e007baaf34519c138f44fadfeba0f7d7231751944d51

  • SSDEEP

    12288:Nb4bZudi79L6z1mizph/9CBuvKeNwV6uGA:Nb4bcdkL2ciz94eeh

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-09_1175884eedbe00a051169480e655e2b4_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-09_1175884eedbe00a051169480e655e2b4_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2252
    • C:\Users\Admin\AppData\Local\Temp\1C57.tmp
      "C:\Users\Admin\AppData\Local\Temp\1C57.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-09_1175884eedbe00a051169480e655e2b4_mafia.exe 88EC50C03E5B50C02D84732F28411AC88C4F491FD71DF60D29E1D18362C6B890797197C4C932DA6B81AA0AE67A5A67D3D363573CF73A3993CDEAA4B2D368BD8D
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1948

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\1C57.tmp
    Filesize

    5KB

    MD5

    f35d4b07aa1eaef200e5c289801290b3

    SHA1

    78889558b43dbaa0838a62ba4b03b3529b656ede

    SHA256

    9ada29e8ee1b4657e780c37ca8dfaf9ccfdfe85b7e351dddc66bcbd7c817e1db

    SHA512

    da90dc1450f76c03a8e3884a01b20a59dd008e07e3b140bc3d023fe3fffe6234ebb52428a86d743e2e4921ce3303745c0c2cf3e72c62de563880ce035c6a5f67

    Download Submit

  • \Users\Admin\AppData\Local\Temp\1C57.tmp
    Filesize

    38KB

    MD5

    1b1c9fbf8ab15409d6c76d2e851ae697

    SHA1

    222568bbf9708f102caa4760a144a97378cc1a7e

    SHA256

    cccd381fe69145a68a5824cb6703b94bfd418bed371bb3eb92bfcb3c89cd0668

    SHA512

    c2f720f170bfa4d3bce2737b50a1ddfc2786156612c82562f9378c7e55dcb85ce8cd2822b53f538bdf7ae16203ea517bd8792c059c4e3814cceed4ed85918163

    Download Submit