Overview

overview

7

Static

static

3

2024-02-01...ia.exe

windows7-x64

7

2024-02-01...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    01/02/2024, 20:50

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-01_b81fe6425fb791c6a26235640c7f1804_mafia.exe

  • Size

    428KB

  • MD5

    b81fe6425fb791c6a26235640c7f1804

  • SHA1

    a10b9c1f3822f7a51ff4df9aa58ea653d074c507

  • SHA256

    6964b7b29aafb7a3a912e37ee1529f99a8cdcdc03dd0679e261658fe38ef1619

  • SHA512

    ad6e44a5f60f21fe416895031d58cb1edbe1a0a9839cd3016050c977076c3da2f99a296780484db50a2be6c66f2a55cf0032e65a6984aa0dea1bff41518114f6

  • SSDEEP

    12288:Z594+AcL4tBekiuKzEr8xpKLKVrDyG5l:BL4tBekiuVr8D8KH

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-01_b81fe6425fb791c6a26235640c7f1804_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-01_b81fe6425fb791c6a26235640c7f1804_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1104
    • C:\Users\Admin\AppData\Local\Temp\3A04.tmp
      "C:\Users\Admin\AppData\Local\Temp\3A04.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-01_b81fe6425fb791c6a26235640c7f1804_mafia.exe 677018B3496FA5045DAAA06EC4D1D5A376DC5F0BCBCC03E70E68B0C526A767FBB8F289F7A03D3C606C522D7C3D1EBEB242575B050A2E2C1381729E315DD54DA7
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1504

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\3A04.tmp
          Filesize

          428KB

          MD5

          8c788f69464edfec909e95b0a8d5640a

          SHA1

          f96564ed564e8d56e8f504e59a9c45c26f1b697a

          SHA256

          25ec5c01ef7451bf5e6b188124062b0e6bad24922d18f784278b82db92694447

          SHA512

          eb30ea5306f4127118827033b05aec83eab17ea8876d0c576c6360ab089be50d4811c53b8b1c46f072c8847b2a1c67fe140dc2a43fcf65ceb69c20a604fa98bd

          Download Submit