Overview

overview

7

Static

static

3

2024-02-12...ia.exe

windows7-x64

7

2024-02-12...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12/02/2024, 14:45

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-12_4b87e41b4efa80ed55f81af8a6ced15a_mafia.exe

  • Size

    486KB

  • MD5

    4b87e41b4efa80ed55f81af8a6ced15a

  • SHA1

    b123d0e682962eabe34c0304b6050553d29f5bba

  • SHA256

    a975e13c06135a8e14dbe8ff624866ecf4f82954c97745d7df81f12a1f6a4d51

  • SHA512

    5cd3906afc1e6b488a8d55dad9faefdb42a7c77c86427a0c48adce32975db13b77fa424d8d46c1d5a2dbfead655d27b7c13c073ac779f7f69a924574b3cf283d

  • SSDEEP

    12288:3O4rfItL8HPGXn3SUSd/302T0vbJ/q2w7rKxUYXhW:3O4rQtGPsn30d82wbk2w3KxUYXhW

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-12_4b87e41b4efa80ed55f81af8a6ced15a_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-12_4b87e41b4efa80ed55f81af8a6ced15a_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2424
    • C:\Users\Admin\AppData\Local\Temp\5EF2.tmp
      "C:\Users\Admin\AppData\Local\Temp\5EF2.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_4b87e41b4efa80ed55f81af8a6ced15a_mafia.exe 9B36EBFC228CFB669AD520B17D85F1FBD6F69006338082CF7F3E9A8621D1129B40AA649CE61C10289D446F7775DA89D5C1B6E5B6644F0024FAFEB8ECE348F18A
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2736

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\5EF2.tmp
          Filesize

          486KB

          MD5

          1152fbf90a020ebd151317f968882269

          SHA1

          31022578452e729158e4a6d2cd78b3c975c62401

          SHA256

          5f4367dfabfa8abedd6a797739280ad314abf50b1ced45a0c1fbf0e0ac62aca0

          SHA512

          6b398dbd34fb4864223f1f57ad5f3268b647a1f795263a216fd86e4b26ac753d78eb246749b4d306feec5054ebf819d344ddb54cdc4c8d24ec5306a3caebb703

          Download Submit