Overview

overview

10

Static

static

3

2024-01-25...ia.exe

windows7-x64

7

2024-01-25...ia.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2024 16:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-25_8e7b1936d575359c907ecea9825f3b30_mafia.exe

  • Size

    486KB

  • MD5

    8e7b1936d575359c907ecea9825f3b30

  • SHA1

    0944a8ec2d229beab245ee347387191c9b953fb2

  • SHA256

    d0cbfbfd4c33f649c5098282d19449b48531318b2ea786a7013ee082823da344

  • SHA512

    a7d4d94988b68117d3df42d055a6e3aac94573c3a6c93a36f4683ca94e87df6313f7e0af70b46196cc71b163e501747a7cf3a640e6528719d4ba5dd2167eb4aa

  • SSDEEP

    12288:3O4rfItL8HP2cb9c+F+Ka4FVocp7rKxUYXhW:3O4rQtGP2gplHocp3KxUYXhW

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-25_8e7b1936d575359c907ecea9825f3b30_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-25_8e7b1936d575359c907ecea9825f3b30_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:3012
    • C:\Users\Admin\AppData\Local\Temp\1E5A.tmp
      "C:\Users\Admin\AppData\Local\Temp\1E5A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_8e7b1936d575359c907ecea9825f3b30_mafia.exe 23452A9336B77EA3644B600ACE6839DB54AF28895155178D9B62D083765A6571AF85B2B3B4676A14818EDD234098BDA031A7544B98D179AF5918660B4A20223B
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1824

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\1E5A.tmp
    Filesize

    234KB

    MD5

    444fb57759cd900c3f6f3d8bf6795b0e

    SHA1

    e582c48677b2e9b1a4ba5c2724cca7f976ea60c3

    SHA256

    c245abba46e2aa521a65b737a9ec942e4ac372fe03280c200a1e9ce43dc54f90

    SHA512

    4bc01dd471d5c3895e725252cf3dac9baae5a6cfd194f59d189e50e1ed6582741ca840f3ab29695ad29674b1d664a44cb6655fdc0bc79d1f172c41159b908219

    Download Submit
  • \Users\Admin\AppData\Local\Temp\1E5A.tmp
    Filesize

    2KB

    MD5

    9e95cf0fb4bdd176fd2499b33990e152

    SHA1

    1ef538563a6a0ccbc3abe77d2886728a65b88bcb

    SHA256

    9a61658f64ba050a51972aba3b096a8a9c32d0dcdf84c661b001aad75411dc29

    SHA512

    e723c8da1335b9444d208aa1d9f0fc7f404d0d5274848b2c788abf3a995809b59d95d9f6d321df29d015cea78dc599a1e84f0f34b57cf8fb60153ad47fbd6925

    Download Submit