Overview

overview

7

Static

static

3

2024-01-11...ia.exe

windows7-x64

7

2024-01-11...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12-01-2024 06:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-11_a966dfa42a34d74f0aeee06acec86f08_mafia.exe

  • Size

    468KB

  • MD5

    a966dfa42a34d74f0aeee06acec86f08

  • SHA1

    919a42fe474ff80350a5019c88d52ff475cb161b

  • SHA256

    ca7e03aa1a9110c3b6568c74df02110fb6493965eff0432b45129fdfd4e51745

  • SHA512

    c58a11bfa6a9342743ce8763f9390d9146d34056901cc29328ef838a8cd495ca7ddd6a8b29fcd7cb7c7ace0b584dbee7fec80ccfcbf77b6424e90a87e3139368

  • SSDEEP

    12288:qO4rfItL8HG+HAixlgdJnJs13WqMiAdpJTdJ7bWmeEVGL:qO4rQtGG+llsJnkmqu7JTdJumeEVGL

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\15A3.tmp
    "C:\Users\Admin\AppData\Local\Temp\15A3.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-11_a966dfa42a34d74f0aeee06acec86f08_mafia.exe F4798E21FF4C9502FD99C00CBA18B69EA9148D75303652F7171457641AF730112C2D159FB09EEA29341776CD3235A8B3430585927DD3B87F58597E96A1C0D803
    1⤵
    • Deletes itself
    • Executes dropped EXE
    PID:2964
  • C:\Users\Admin\AppData\Local\Temp\2024-01-11_a966dfa42a34d74f0aeee06acec86f08_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-11_a966dfa42a34d74f0aeee06acec86f08_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2288

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\15A3.tmp
    Filesize

    1KB

    MD5

    62a739ced14db5860b05801165221009

    SHA1

    175f97a414a3bc2d8aebc0ff7bad1b73bf852b0f

    SHA256

    d72432bc9ba99bd086cb6d9d32c4efdbd6395ac72094ba3eedf2ff2ae4106060

    SHA512

    4dec20ad0071b358594efcc34a08ec23542e0f7a08434d78218d91bdfcbaace48c72b444b9cb4f3a2df1c9b7b12be2b35479ab43e59f56a2e186fe06c86da0b3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\15A3.tmp
    Filesize

    29KB

    MD5

    c0d8f0de94271b103806c1dcd8a63793

    SHA1

    04548ba5655bc90920c02ef13a53c836252af04a

    SHA256

    28d1bf505c21025cd4c8b0248c174404d4115ff76230a62d8d242a4aaee914ab

    SHA512

    ce63b8d89b5a1b29f72f15db0c17cdf75fa82ec80b0d97a9c9e4f8e4f6bc3edb858f77b2f3aa173947696df3c68d5a5a43beafd7d6e5cdc82a68a451a8e423ee

    Download Submit