Overview

overview

7

Static

static

3

2024-01-22...ia.exe

windows7-x64

7

2024-01-22...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    22-01-2024 20:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-22_16a75df6027bab7a8c78c8d77f954e36_mafia.exe

  • Size

    486KB

  • MD5

    16a75df6027bab7a8c78c8d77f954e36

  • SHA1

    72e220df0b23243e91b3dd28a1c70a968747635f

  • SHA256

    1a24c9de8e6c415dfd7156ee519dc04db6000ccdb0a190a844e312f8bf3fb49a

  • SHA512

    707e7f18c0c2d01d04b836e8161aa6ce6806896c3c7787104526c7e10d96962b4485cfad23837b0c8ce76dbf62db0ee6d1b0a7ec3b4e9bbce6b2bffb82d37dde

  • SSDEEP

    12288:3O4rfItL8HP0CYvEqIwCxYgGFQGbHw1gN3Mo7rKxUYXhW:3O4rQtGPvYMYzFQIjNco3KxUYXhW

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7FC.tmp
    "C:\Users\Admin\AppData\Local\Temp\7FC.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-22_16a75df6027bab7a8c78c8d77f954e36_mafia.exe EF708326DED6D669651AEE764385F3D1A62CF7DCF612E462C190E4BC61299D7152721E10001848FA652CCC020A1E89D9B5A19C6100ED7F0B91B43AE9F4F3139F
    1⤵
    • Deletes itself
    • Executes dropped EXE
    PID:1968
  • C:\Users\Admin\AppData\Local\Temp\2024-01-22_16a75df6027bab7a8c78c8d77f954e36_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-22_16a75df6027bab7a8c78c8d77f954e36_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7FC.tmp
    Filesize

    60KB

    MD5

    ef5c4d73747dc4f3f3166d30062ed805

    SHA1

    a991c8c40c32c2c102e80998be9d1e8bcdcf0ced

    SHA256

    eeb295c796f6e55fe3a8f91fae49b2550070fa758877219be382fbf6afb4756e

    SHA512

    119ef45d316103c6a879b4223949c5cd2e9ee2e6260ced03cba7159243fd50e8064b7ec26b5f58f2dd22d5beff2608004e96e4fa2fe1b384f50e52932576bdd0

    Download Submit

  • \Users\Admin\AppData\Local\Temp\7FC.tmp
    Filesize

    83KB

    MD5

    5d1f954ccdc3e53233ab27e66747b358

    SHA1

    d06584caecee445415c4e15796077e6a0d55e4bb

    SHA256

    a1b389ddfd40e45badba0341efb00c9de4a6d44ce3c4c71a782e0cbaf2a35be5

    SHA512

    34276b81fc0d7aa8a83a0773584b7639904336a0525f04d9be40fbdcfa4441bec0f49e63b14dc48cea95e46a2b8761c9ad5cbdf0d91a8a421b346b293d265b6f

    Download Submit