Overview

overview

7

Static

static

3

2024-01-23...ia.exe

windows7-x64

7

2024-01-23...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    23/01/2024, 19:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-23_5e51777be56424c1fc4380f5745bf4ac_mafia.exe

  • Size

    476KB

  • MD5

    5e51777be56424c1fc4380f5745bf4ac

  • SHA1

    5db16c28c5cef810f46f38c497dc39ba77c66b8c

  • SHA256

    730ffe6fa09bcbde2cbf1ba8ef114df92ccb9a1534d00415ee68e7edde3f5d74

  • SHA512

    1e8887cfce37a935dbbcf1d42967689811589c610c7a14300fafebf5e3b8cf5be466b9a97ed357f8d800661473bffb83cc8e83109e3658f941092aaa9ba604e0

  • SSDEEP

    12288:aO4rfItL8HRnrJnL4vowjgrcdTv/b+WKcch7K9wlsDpVFd:aO4rQtGRVne5j3Tv6Zbh+9wlsDpVFd

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-23_5e51777be56424c1fc4380f5745bf4ac_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-23_5e51777be56424c1fc4380f5745bf4ac_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:3028
    • C:\Users\Admin\AppData\Local\Temp\7ED.tmp
      "C:\Users\Admin\AppData\Local\Temp\7ED.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-23_5e51777be56424c1fc4380f5745bf4ac_mafia.exe 47B45061CDC0B1D8C8C383EECFAFF5FCDCF3EF470F371C9293A8AAA3C73C365C9E00CDC7AFECF33C728AC676D5BBF3C6AB1E2E571BBA7B0F743EF20C76B0E647
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1888

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\7ED.tmp
          Filesize

          476KB

          MD5

          0be57bd6ca49f0895919906937c8615d

          SHA1

          70824844aab7beb644a3c8a221a2aafd54247113

          SHA256

          d2199522b316bf0f040cb5ffbb57c0c6862472a68f0795a44e8e1a2f8d49887f

          SHA512

          36619b0726346b600d7097f901fb3b639d118a6b76e363e8d31ae5254c47eb9e6a7b399930a6824063dacc5cd1f559a65260a8258b5adac35f75cb29406aa876

          Download Submit