Overview

overview

7

Static

static

3

2024-01-22...ia.exe

windows7-x64

7

2024-01-22...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    22/01/2024, 16:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-22_102448bd2503a7f4641f0ac88407a0ad_mafia.exe

  • Size

    476KB

  • MD5

    102448bd2503a7f4641f0ac88407a0ad

  • SHA1

    59a52109f76478a20e098a0612f1103efd7b0819

  • SHA256

    bb0f536cb8bb130e0fb4ecb780ca622f69881a73e356c095e1ae31a051f8bd85

  • SHA512

    a3a85c58817c7a732afb52d08ede85e9fcb327fc78e3d1479ee5c5a2397bf7dcf0bd0237bd1b03a6e69b3697dcc723bd394a802f1234c35bf725ab7d87b2c09d

  • SSDEEP

    12288:aO4rfItL8HRiCt3U4aErpWow7K9wlsDpVFd:aO4rQtGRze4M+9wlsDpVFd

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-22_102448bd2503a7f4641f0ac88407a0ad_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-22_102448bd2503a7f4641f0ac88407a0ad_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2268
    • C:\Users\Admin\AppData\Local\Temp\5689.tmp
      "C:\Users\Admin\AppData\Local\Temp\5689.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-22_102448bd2503a7f4641f0ac88407a0ad_mafia.exe DBF98E585DE3DDF8A877824CF6B0C4F7B93233CC42DDEC86EB5D25D8D024AB7F1349A7D4EA01158908C377748B9A42E5CB6914B590B7B4B84B80F5B803ABE0C6
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2964

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\5689.tmp
          Filesize

          476KB

          MD5

          116c3a5316e7a17979334af92d3c4d0d

          SHA1

          ef52dbf9b6361e44f028c56b095343ec8c693fe7

          SHA256

          8a5d06ba2aae6cf7540ad90eb148c5ae586016ec6de89d67e38d1bcaf1df4d63

          SHA512

          6d4341fcff8e5958ef9ab9bb019556fe4c68c0f395ee527ea49440f4e466e180c9bee266e35b8fdd67c7bf8de639cb1d339662c7a6a9943e6442a5abb54e5def

          Download Submit