Overview

overview

7

Static

static

1

2024-01-28...ia.exe

windows7-x64

7

2024-01-28...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    87s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-01-2024 01:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-28_d0985220a2cc3b185000f0ac9f36f60b_mafia.exe

  • Size

    51.5MB

  • MD5

    d0985220a2cc3b185000f0ac9f36f60b

  • SHA1

    4751c6239f2d28d78e5181addcd1a8faefdefe56

  • SHA256

    baa5a2b99fcb2dab6877d2ffe34e15b9de0a4aa8e7722af223f3c092185418c4

  • SHA512

    a7ccc056d985700492492471e8a6ed4f5f1b121a736674c503dbe5934a5a0d1b1c6c1d514a3c8c6bf5867444e1d3b8d480e73cce0aa20077ac44fee761ad26c8

  • SSDEEP

    786432:agBD6Kwbu048ihxu2yn4N8ROwYs1puxJTQVu5gU/pYLTt1GlorAoqNBgqMOB3dN:F5ibux/3y46RPux8VwpYt10j/N

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-28_d0985220a2cc3b185000f0ac9f36f60b_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-28_d0985220a2cc3b185000f0ac9f36f60b_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    PID:2976

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7z.dll
    Filesize

    928KB

    MD5

    821861d8a6aacbb16a67e6bc695a5992

    SHA1

    751c3fa4dcbc0a193c0c34c546c377469d62878c

    SHA256

    15e619a80aab71f718f9ee291e7cdc20eca6caa047f7373cc2ca7c2c940ed36d

    SHA512

    afa8b06fb8db1fc07abe548c2fa4b8c27f14823e54ee800f8a02ec24d97cd8a3e5fba0d2230981a484387c5d2a64b67f4a3c88a9d8a16625cacc835ede77e552

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Client7z.dll
    Filesize

    120KB

    MD5

    6e2dcf45773559ca8f775279b7e4ac04

    SHA1

    8bbb607498c06b008dbdc0bc8728a449ba3fc05a

    SHA256

    7ae088fc1ecddad320aa6f8ae50d0512394207ea54ecbe900cd46f0e4bc327e8

    SHA512

    3e4a4c7eaf844cfbc5d3d502f7376566f6512ae8786d0de4cd24d119c55c452c7698982256f4555fa4c65f1b3a9f650525a94c89c25931ad4a55817d2a13bfec

    Download Submit