Overview

overview

7

Static

static

3

2024-01-18...ia.exe

windows7-x64

7

2024-01-18...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    18/01/2024, 23:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-18_b860cdf3cab7e5c000206b6f4b938314_mafia.exe

  • Size

    433KB

  • MD5

    b860cdf3cab7e5c000206b6f4b938314

  • SHA1

    e5efe592ce103fc731d143c257d446a56c3850ec

  • SHA256

    c7aaf72e784a3c1009bc5b7e29e68b245c976bec5e56161706070d822b482e0c

  • SHA512

    dd30a64151455e505b3c8c0fccc711033821d283194d11ad5f6eaca21349c1f45c3a186db5f146aa1932f2e8cf63399b6b4180b5161b831e19f3aaf763c01777

  • SSDEEP

    12288:Ci4g+yU+0pAiv+Rmn01GannMZtznEcUZAn:Ci4gXn0pD+Rmn01CH7O6

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-18_b860cdf3cab7e5c000206b6f4b938314_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-18_b860cdf3cab7e5c000206b6f4b938314_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:3036
    • C:\Users\Admin\AppData\Local\Temp\97BD.tmp
      "C:\Users\Admin\AppData\Local\Temp\97BD.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-18_b860cdf3cab7e5c000206b6f4b938314_mafia.exe 71D00C551EEBC66725EC77C1AA10B3C902867EE6B69F86979F8FAC3C61A048E9783585D2F4CC58DDCA444E8683AE0FC0EAD509EBF03F13DDB988334291602F8D
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1028

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\97BD.tmp
          Filesize

          433KB

          MD5

          6e3bd577c08ae327258c605b95166037

          SHA1

          c202a5099adcd1e58d6ad0f0641ca86313c99953

          SHA256

          786a55c19d4d6c31164246d9908fd4ba592bd5feb9b7b13025b99b55e185acc4

          SHA512

          3900567bd7d558256fef8e2567c396e9ba63fdbe31513ef62c56456ed9628d0016270ea2c22250e1d18663340e47eebcd42961090e19eb7ae922291837683d4d

          Download Submit