Overview

overview

7

Static

static

3

2024-01-11...ia.exe

windows7-x64

7

2024-01-11...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    129s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-01-2024 06:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-11_a966dfa42a34d74f0aeee06acec86f08_mafia.exe

  • Size

    468KB

  • MD5

    a966dfa42a34d74f0aeee06acec86f08

  • SHA1

    919a42fe474ff80350a5019c88d52ff475cb161b

  • SHA256

    ca7e03aa1a9110c3b6568c74df02110fb6493965eff0432b45129fdfd4e51745

  • SHA512

    c58a11bfa6a9342743ce8763f9390d9146d34056901cc29328ef838a8cd495ca7ddd6a8b29fcd7cb7c7ace0b584dbee7fec80ccfcbf77b6424e90a87e3139368

  • SSDEEP

    12288:qO4rfItL8HG+HAixlgdJnJs13WqMiAdpJTdJ7bWmeEVGL:qO4rQtGG+llsJnkmqu7JTdJumeEVGL

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-11_a966dfa42a34d74f0aeee06acec86f08_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-11_a966dfa42a34d74f0aeee06acec86f08_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2664
    • C:\Users\Admin\AppData\Local\Temp\4AB5.tmp
      "C:\Users\Admin\AppData\Local\Temp\4AB5.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-11_a966dfa42a34d74f0aeee06acec86f08_mafia.exe 4B427D1C7ABD4A0D0ACE59F46BEC81EFC4D8970655DFAC4EF35571C97BC0CE4437CF86A2E91B881F20858DB1C0D782D9E26F36EC2048941D11C062954EBE08BC
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3280

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\4AB5.tmp
    Filesize

    36KB

    MD5

    faddaab8dd47b81908c95936c911a500

    SHA1

    f21f0caa1316289d7bf0d40a079bf95d74f2d4ec

    SHA256

    a8c3ca032ae430d0558ceb6a2b26256f12f20b7843add4928b34675e74208451

    SHA512

    616ffeb6f6ebe1f0a5e1b5f415e1a94821a867b0f655eec94631c13b3721cf5f65fb214bc31851f28829af029abddef34ffcd7967f89bb7958a7dab5d7f5e0a5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\4AB5.tmp
    Filesize

    16KB

    MD5

    bf0025eaf9ef625f992ddb47bd4f1a6a

    SHA1

    8dda0e4c2484a93e554c957c0a6a5ae0bc74c365

    SHA256

    c6b64c4471565e6ef5d8ea1692d497f3eb498287fe4f674dd1571fb61e8f37cf

    SHA512

    21bff1ab143bda1c64b8993a30df79a3f399d14c651df44263276754d5f28f84c92ace81fc20dfaef10c41ea1222b3191933273072ba00478b12530e93c5e834

    Download Submit