Overview

overview

7

Static

static

3

2024-01-11...ia.exe

windows7-x64

7

2024-01-11...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12/01/2024, 05:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-11_4e1bf4be1f75f0a540064fe6d504ea9b_mafia.exe

  • Size

    486KB

  • MD5

    4e1bf4be1f75f0a540064fe6d504ea9b

  • SHA1

    5f335abd608bf8f67c2bff6ab4bb465ba265e1ab

  • SHA256

    9ba6c0e9101ef5624be7bcf273357d37ae94a83f8ac0bc7d883dbe7db36f8e98

  • SHA512

    2be4342807668fb4e7d61582104e3a62b16953ea62c1f9ae5473bf5f3c35cdd1dd82ce5732f1f882b8c2a6ba639baafebf22908c46474aab21bf5be0965a762d

  • SSDEEP

    12288:3O4rfItL8HPPKpkrczKme9wbD5h7rKxUYXhW:3O4rQtGPSpU8Km3n3KxUYXhW

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1352.tmp
    "C:\Users\Admin\AppData\Local\Temp\1352.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-11_4e1bf4be1f75f0a540064fe6d504ea9b_mafia.exe A7220945359996AE1D202C3F62A33333B1CCBB13CA73F8E5747B93B94FB6C48BC5D6FA4BD5E354D683A509CC7F647D8CFA6991B7BCF6431C13E89EFBF4ED5371
    1⤵
    • Deletes itself
    • Executes dropped EXE
    PID:2124
  • C:\Users\Admin\AppData\Local\Temp\2024-01-11_4e1bf4be1f75f0a540064fe6d504ea9b_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-11_4e1bf4be1f75f0a540064fe6d504ea9b_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2844

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads