Overview

overview

7

Static

static

3

2024-01-18...ia.exe

windows7-x64

7

2024-01-18...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/01/2024, 23:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-18_c1b2e01c2875e9d199475892c91ffde3_mafia.exe

  • Size

    468KB

  • MD5

    c1b2e01c2875e9d199475892c91ffde3

  • SHA1

    5801b45fe6d67e14e2b7768314add64d5d1fe8b1

  • SHA256

    50e57477d780c05bdf8782268fe1bc6f09c2abc1c3f55c90429a7ba92ad19943

  • SHA512

    f83b2b352f9f019eec2fbbbb8a73233dc979ed08e93c759468e7f26c3d71bee61d5878736de20f79a86e9431c669854e42c1789a950330f0de446a29fd0095b5

  • SSDEEP

    12288:qO4rfItL8HGBvd2TFgRk4JIusBE983zurwwv7bWmeEVGL:qO4rQtGGr2TUk4IfXtwvumeEVGL

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-18_c1b2e01c2875e9d199475892c91ffde3_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-18_c1b2e01c2875e9d199475892c91ffde3_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5108
    • C:\Users\Admin\AppData\Local\Temp\4E4F.tmp
      "C:\Users\Admin\AppData\Local\Temp\4E4F.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-18_c1b2e01c2875e9d199475892c91ffde3_mafia.exe 1E10D8D0158B69DC2DC8122708C6105BF693154A94EA83B9218D39788472332A34800F50AADCBF7040A2D5AB225717321344FA8DF6BD53F5788364B50653820C
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\4E4F.tmp
    Filesize

    144KB

    MD5

    9d4a54c703f163e829b90c434779f982

    SHA1

    5ed6ae00f2ffd9af63d0e89214d690c6afc4ecd1

    SHA256

    6121c9901d7d1f1437a3b0d6aa3f3152dfeb4296ac98176a003dcd937c099fd0

    SHA512

    8d4b57cbc2142e1b7a3310f6e62ee5e391508365a409ce90b174968c7e747636f97f89bacc7e01bf793d74beb4a97c293b0225f937f6f97df0679696423c55f7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\4E4F.tmp
    Filesize

    120KB

    MD5

    4dcd80690e9c395522446fe3e46e7b4b

    SHA1

    678f539fa27794b5520380336c5f6aefde511513

    SHA256

    21002ac57a5ab2dc255ec56aec0cf7a494067d8181ed9d2c54e7e5535c1a4e73

    SHA512

    ee258f6559a9ae1332f0ce729ad3530099b02d3dab7e2c8e0d71a3065d143a5d30b10c54f01a4af7d25fa27b7f98b08ec4a793c58348545bd683cb0642503d4c

    Download Submit