Overview

overview

7

Static

static

3

2024-02-02...ia.exe

windows7-x64

7

2024-02-02...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02-02-2024 19:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-02_c3cf5d67a3481613863a15dff10e55d0_mafia.exe

  • Size

    384KB

  • MD5

    c3cf5d67a3481613863a15dff10e55d0

  • SHA1

    240b88132c0f5259696a9e5c03376c1740a48982

  • SHA256

    ad618f5396fa85612c5afa2729b57f8da16581bc513a05e607a030c5e34f3e4c

  • SHA512

    e8f2330d88cea85756d1adb37b6f8738ec6c135e0ff920c4409546438e16f13da27f25cee497766f3a075844d8c5b031b443bd99cc91b4a9e5fe3a14c82f7527

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hHeKnHGRBzT1s+uyz1WEq18j854Ev9c5WQZ:Zm48gODxbzUSH4B6qz1kk85a5rZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-02_c3cf5d67a3481613863a15dff10e55d0_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-02_c3cf5d67a3481613863a15dff10e55d0_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3788
    • C:\Users\Admin\AppData\Local\Temp\665B.tmp
      "C:\Users\Admin\AppData\Local\Temp\665B.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-02_c3cf5d67a3481613863a15dff10e55d0_mafia.exe 6BB18555A6956AC785AB467790111B347AE164E7C818795CCF4F5CB6547ABA25518EE9B6EAC796A45F8683DCBF4A026D8147BDCA5A51F520B6B919977C8A9ADB
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4920

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\665B.tmp
    Filesize

    384KB

    MD5

    b69f8e1edc4cb9e32ebcef8128279e97

    SHA1

    e897dfee05a3538997f08ad0a2b420466d15f125

    SHA256

    808c0fa36a61ac577c4bad3eca6f8409d53776d400c9bdfddc289995ec9ba4c5

    SHA512

    181d7b7d900ca82ee74479e1949b6cd9d26bd9d424d817d6dd02910406ee3cb29af1de5f5f7eb16c9b84bb1a267621b88de1a0c01739a18c4d17ad5824e4a743

    Download Submit