Overview

overview

7

Static

static

3

2024-02-03...ia.exe

windows7-x64

7

2024-02-03...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    03/02/2024, 18:31

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-03_d189e229192a02c8b4f74e22c67e7380_mafia.exe

  • Size

    384KB

  • MD5

    d189e229192a02c8b4f74e22c67e7380

  • SHA1

    7ba5c2e38523598cf75f068189eb7bb75a62eedf

  • SHA256

    023ad06e83000eced8ac9d59132ef027201bbcb290bda9bc715ca0b28e877442

  • SHA512

    46365871c6695d374b032ad13bc8b5446528ad6957408fe3c6f834766d6d0cfbc175b9027da2de70845182d642a0ae8fd196de233a906dc2aa9303500b047710

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hH15FtlM94CBI4NaeSont9MB8kZ:Zm48gODxbznMRBZoont6BNZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-03_d189e229192a02c8b4f74e22c67e7380_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-03_d189e229192a02c8b4f74e22c67e7380_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1352
    • C:\Users\Admin\AppData\Local\Temp\3EB5.tmp
      "C:\Users\Admin\AppData\Local\Temp\3EB5.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-03_d189e229192a02c8b4f74e22c67e7380_mafia.exe 3C6F9F865F00C64890E3766645F991E24A8BF46614DD4A6F989F528E9D8C9863DB4F6F969B9B6EA4E31DE14149EAF369737988587D12D19DF2E47B11F1A0E791
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2568

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\3EB5.tmp
          Filesize

          384KB

          MD5

          b5ba28c73d542f35530fb13a575ebc4a

          SHA1

          64692c0d66deb525ca53fdb9d1071ca1a9b51fa6

          SHA256

          b0378cc28fc6b934b9d584cbed23899281c2b94dead76fff485a1ab6666fc771

          SHA512

          c8dc7cb71a141ecd438ec14329e1086c2c9f775afa51e660ebf035712cc5586d3d7871e1109ddf3f4eb36a2e666a768ea5c50a855fd82ec6075680c11adb07a7

          Download Submit