Overview

overview

10

Static

static

3

2024-01-25...ia.exe

windows7-x64

7

2024-01-25...ia.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2024 17:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-25_36bb35a7250c89e6184cf473503e4da7_mafia.exe

  • Size

    411KB

  • MD5

    36bb35a7250c89e6184cf473503e4da7

  • SHA1

    ac14efb1900c3031ff906aea55255b253c0c98be

  • SHA256

    3ab789cc658c33edace9ef1754b0e1b488c39362e0738111c148f9e648c1aecd

  • SHA512

    408005fd4d7f36a01d6173e78020b7058519539211960e7fc22b8380f7c21caf56cc020e68aa289e9a40131e1c6f8c1d63fa8f7907533de48127e56b1f55dbb2

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mFVrm1Wi4RdVpNnEeA7spzqizQKcqHI:gZLolhNVyEKm1WiEv3nTzqscqHI

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-25_36bb35a7250c89e6184cf473503e4da7_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-25_36bb35a7250c89e6184cf473503e4da7_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Users\Admin\AppData\Local\Temp\2F3B.tmp
      "C:\Users\Admin\AppData\Local\Temp\2F3B.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-01-25_36bb35a7250c89e6184cf473503e4da7_mafia.exe AAE86FD8C52FF25FE0D4219686C2B1842D3A7FE5381C4D2AC60A8ED15B83B3C4D20E9D20DD160FF14B53D9273B2A54FC9EBCFA26A15E6E36741B85BB965D0457
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\2F3B.tmp
    Filesize

    411KB

    MD5

    649ab9682c16cd4342c0f62808f9b8e0

    SHA1

    9af7987a9a3595ca7840cb1a78cbd6ba672cf8a6

    SHA256

    79ded2fc852773c5b7dc472976d556354aec0bc89ca3ca4a1b29ae0b9cc81818

    SHA512

    b000c9f8bd1f9382c624f726d3f5af7174a13dabd6cf60a95daca74451c2d84141fa56ae0baeccd7fdc82ed18cedd03a609ce35b6f2b588dd205ee4b5679d943

    Download Submit