Overview

overview

7

Static

static

3

2024-01-09...ia.exe

windows7-x64

7

2024-01-09...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    60s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/01/2024, 05:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-09_2a1222dc21f5628221182f4c966b6d19_mafia.exe

  • Size

    384KB

  • MD5

    2a1222dc21f5628221182f4c966b6d19

  • SHA1

    792f61b96abf6133395c7a8b0b0ef937e9c63410

  • SHA256

    9d6cdaf62d844baf2e4cc4b50457076bf1bdeffa82a3ce60e5acaaed8af527cd

  • SHA512

    22e7bbeb12939645a26999e72fb3f73f56fd6ce3e5d47284680c632de9c9654da0ae2005e4eda786efb6803f51148026c34387834e7f5dc8bdbf00839aa685df

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hH06EixRmv0OdHO1PFFGX5IATKHGwZOlC/hQbZ:Zm48gODxbzCrvdKdFC5RT0L0lohUZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-09_2a1222dc21f5628221182f4c966b6d19_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-09_2a1222dc21f5628221182f4c966b6d19_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1796
    • C:\Users\Admin\AppData\Local\Temp\4E6E.tmp
      "C:\Users\Admin\AppData\Local\Temp\4E6E.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-09_2a1222dc21f5628221182f4c966b6d19_mafia.exe 81484CAE9EC26A05F0515C015109A9021F03FDD35DE881423421A9EAD633F51AEFE44546A1D160AD249719F9393A3E2E51855C363968BE898659E52B4940D7D6
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4528

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\4E6E.tmp
    Filesize

    77KB

    MD5

    e0f13dc06561bf428f704ac77b32d7d8

    SHA1

    ec20dac35584e0a538a975b57e3541166271ba7a

    SHA256

    feab5d989d07f5ac43aa5e48af5eead39df2e1d5f89fa803feb440ecdbe40e98

    SHA512

    e4faed8f09ab53bf239c428b50cd665a8c58210b2e1e5f28b0477c3506c7db0bf7866b7a2316af48e635c03042956540764178d60228d4ccbadef117c5f4a37d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\4E6E.tmp
    Filesize

    116KB

    MD5

    b517dad8b3caa96877c96c595044b002

    SHA1

    18846a719e3a84f66498712d3998cb8909c2aad6

    SHA256

    4095be4203ea0dc5beedca6d1d38f717e676cd9d14576ee601fd1b3b7fc4a69b

    SHA512

    3a6ddc64286a768b94b2d4ad23171ae93cc2d59e69df5e3ede789be40cd39f807cb180c1f256e2c5cc668fcde736580164cc81ec80180476fb6fb3ae76d5dd14

    Download Submit