Overview

overview

7

Static

static

3

2024-01-23...ia.exe

windows7-x64

7

2024-01-23...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/01/2024, 22:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-23_ae475bf9ec4bada6ba994106021e9e20_mafia.exe

  • Size

    384KB

  • MD5

    ae475bf9ec4bada6ba994106021e9e20

  • SHA1

    ab2d28a5d1f6d9985068d5419c4b1e5646796b87

  • SHA256

    68fd1152dd54452df404e7c5f751751b282467b5315f8d49c06e1117802801a3

  • SHA512

    51153e1a4a0eb0fef90b181225e5c409c8fee30f9779b17c6138135370e128ed8d5927fa5d5efb512b74fff62f29f054a0ff331cb4129c3bdefb0e2153467f45

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hHA9ez1ofW6qeQdsYTf952sxV0AeSo2JY6/KYAmvB:Zm48gODxbzxz1oU15nxV0Azo2JYPYVHZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-23_ae475bf9ec4bada6ba994106021e9e20_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-23_ae475bf9ec4bada6ba994106021e9e20_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1604
    • C:\Users\Admin\AppData\Local\Temp\6E1B.tmp
      "C:\Users\Admin\AppData\Local\Temp\6E1B.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-23_ae475bf9ec4bada6ba994106021e9e20_mafia.exe A64868086196677CA6EE4554085FB9D8DDEE2128C0FD7C2124F5AC58C2ED125B6907D5AE521CFA3E3553C65E39C6D6841FF15A513C69E72F45EFA30ED6448A9D
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4104

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\6E1B.tmp
          Filesize

          384KB

          MD5

          250b736b4643f721f572045850f4b80a

          SHA1

          5a4322a223b940a08755a88758b887e18a6a03c6

          SHA256

          ecaa6f15f94290568825f87fe040c0d8f6d6563f13da7ad98776d31523de28af

          SHA512

          ad8f9980b4e352995d0b2748ae669d9448d5e3367eb02028986faf4455616e31a6dffae19d5f3cd264ccff5c533711d6043d9020f749714bcb6602cc0274244e

          Download Submit