Overview

overview

7

Static

static

3

2024-01-10...ia.exe

windows7-x64

7

2024-01-10...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    147s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/01/2024, 05:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-10_f32019c7f085c887289f805f6cb97a72_mafia.exe

  • Size

    412KB

  • MD5

    f32019c7f085c887289f805f6cb97a72

  • SHA1

    f0f2a4a3b494a558be9a1cbc734ae731d2700175

  • SHA256

    e619b2dc089ddb10cb30e1d9e4676d9a075c51e6689a2d05521bf3514768d0e1

  • SHA512

    2c0aec18e466956c2062032b8a1b29841da3625b679b3cf6cfadbe4bf8ea2696ac7536809924a9c1d394c9a8fa1913ccd846a4cc768a5e3dbf5e3fad056835a0

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnB+XN60bRldwzpyL0Y74EaFYTCqWO2N19P:U6PCrIc9kph5bZiwzpNY0EtTsO2N11

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-10_f32019c7f085c887289f805f6cb97a72_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-10_f32019c7f085c887289f805f6cb97a72_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2136
    • C:\Users\Admin\AppData\Local\Temp\4E4F.tmp
      "C:\Users\Admin\AppData\Local\Temp\4E4F.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-10_f32019c7f085c887289f805f6cb97a72_mafia.exe B08514A2838F3181BE78919937A2108D99147E03CE1106F3E0D949F85E2D3A497B6B4ED44B5978FF545FE55F3555DF360F7F0B892DA9BF54E2ACA9F11A808E1E
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4952

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\4E4F.tmp
          Filesize

          168KB

          MD5

          987673b8a68ad886119bdc0e4a506af1

          SHA1

          9ea64a1888db011d3b29d8bdb541b5a7b88669f7

          SHA256

          a3388d246550e7d207ae756f424fb42c5856653654a2f0f9b4b4766494ffade3

          SHA512

          c08a300aa168a87ed3e5614dfe480b8beb153f6b3f9b9a3b216f886e2f33a3f45400a1ddc0b3904a98ff663b12ea202aecf48dd233bfdba346ef6d0eefbd2bc7

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\4E4F.tmp
          Filesize

          121KB

          MD5

          e6ec700fbe9e517605dc84145a0e81fb

          SHA1

          fab778facdd32bc79439edf383469cff0cedeec7

          SHA256

          44080e068255f5ccc17421ab14cc650bc6cad673ed27e4e1c24e0d00c27c5d5e

          SHA512

          c65f2f9e7b3a1509433190384bf6ea7ee55a91c1d981327e60107e9fe78c252705ba461afcae25efcc30b88c40bc8ddf9ef1c69c7201ad32acc84e8e5696b555

          Download Submit