Overview

overview

7

Static

static

3

2024-01-28...ia.exe

windows7-x64

7

2024-01-28...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    28-01-2024 05:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-28_923a13512f5bf764e9cf72268206def6_mafia.exe

  • Size

    444KB

  • MD5

    923a13512f5bf764e9cf72268206def6

  • SHA1

    2b672fca47c5363401fb014cfb76cbf24624342a

  • SHA256

    280946d5c5380c161f12e378108e73e9911d3c8103709d622a2789c165cbf9fb

  • SHA512

    ed2457ce80e0dda6010043adb1b4e7f25015ebb87cca5f460acf15f8d4d37196408491f3fe9a646eb5d714be67ccf857edcd36da7fb90e07cc4b1c31328c7017

  • SSDEEP

    12288:Nb4bZudi79L7dLxd8xAqvoMAw2DaU66deSVsA:Nb4bcdkL/d8Kg2Gcdew

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-28_923a13512f5bf764e9cf72268206def6_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-28_923a13512f5bf764e9cf72268206def6_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1196
    • C:\Users\Admin\AppData\Local\Temp\5245.tmp
      "C:\Users\Admin\AppData\Local\Temp\5245.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-28_923a13512f5bf764e9cf72268206def6_mafia.exe 0D6779B7AC515432F313CF29A686E2A2B718ACD591F1599909B5F5AC92BF8AADE16D3AC67ABAE2CE778A04450377FACC085FC8EB87C1CE08CBF5D4EE7A3254A6
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\5245.tmp
    Filesize

    141KB

    MD5

    93dfc474ffa924b86c482eea1a3d8c4d

    SHA1

    ae4ef662cb47bd83755cf067c9053f76254338d7

    SHA256

    b90bb7755fba89efebe13b4ef5f7249437c4562a6f60e642a0074d7f27244fb6

    SHA512

    5ead336f0d79c2872ff9538d286db7c37c9c8d99b15d575ae241cd842748dcc50a6fb3412e2c29f4ad471eb9ca023d87d91effa38d0eeb4dbe3407b3ecc6b837

    Download Submit

  • \Users\Admin\AppData\Local\Temp\5245.tmp
    Filesize

    220KB

    MD5

    127fe41c202cd90a966d18aa2f72c6d7

    SHA1

    fb0734b46fcdbbb7d2faab9c5619337a026360d7

    SHA256

    6a3e979f0ef6d77a84f8c48aa10a6db088bcd2c754686e914037e8a9f28f38e6

    SHA512

    0daaa8b8e6429c8f24012ff1f39450934f5ffe3d52b982d6721f34a914f90e73739a6c5d7346d10b7ab3f0ce95292dddbd468a1d8ecdadfbc76c9829531b3011

    Download Submit