Overview

overview

7

Static

static

3

2024-02-04...ia.exe

windows7-x64

7

2024-02-04...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    04/02/2024, 12:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-04_64ffa3f56bd9569cb751e0c586be78da_mafia.exe

  • Size

    384KB

  • MD5

    64ffa3f56bd9569cb751e0c586be78da

  • SHA1

    d29e7c62d576328552483abdf93a5ec94f87810d

  • SHA256

    d69ac789ae61bb1b0c66f4ba42bcea6ccef1d9b9efee4fa57556ca090f24fd7d

  • SHA512

    aff00fe8e272237c62a048ef799b88d771306da66864f21fd312bd274d7772234b428eaf270a3482b418633bd8047b16d710a405f2c4fcd5260035db21e8bb36

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hHtH7+zjKTZ9N16txfQ6RyF98ra62pBqv7+G5Z:Zm48gODxbzjH7sKT/WTQ6RyF2u6AB1G/

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-04_64ffa3f56bd9569cb751e0c586be78da_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-04_64ffa3f56bd9569cb751e0c586be78da_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1424
    • C:\Users\Admin\AppData\Local\Temp\3987.tmp
      "C:\Users\Admin\AppData\Local\Temp\3987.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-04_64ffa3f56bd9569cb751e0c586be78da_mafia.exe 383A136D89327D566222A14FEF352EFBA4454BB3321043670FCB4B41D3F1F61852659EBD1A545C0EE828D6AC57AC083F33ACFD7DDD8679E712A321E40FE6EA8C
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2228

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\3987.tmp
          Filesize

          384KB

          MD5

          f3fc08f5bdc308e35f9a79c3df401960

          SHA1

          a1bd8f39efa4de16ccf1c40a47f85b4f2142b43b

          SHA256

          a4ce6fefa97062f0140e284bb5cc3c9f365a95bebcb2f36b8f39c75d3ae5a66b

          SHA512

          8bcdc38ccc8fe91cd58c0a61bde020c7cd0aa9490b2e3b81afef6c81e62d9c72301199cea7b24f82b60a4ed5699550f36f6556741899359879d7b38c22ba249b

          Download Submit