Overview

overview

7

Static

static

3

2024-02-12...ia.exe

windows7-x64

7

2024-02-12...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-02-2024 18:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-12_0c613b3d344419e1eaa875c7a11aee78_mafia.exe

  • Size

    414KB

  • MD5

    0c613b3d344419e1eaa875c7a11aee78

  • SHA1

    97cca55887527081c856af366874566a12a0b7a1

  • SHA256

    45cb85194b3b0acea38b8a71814a7f1b117492c37ae796062f1dc176817048df

  • SHA512

    44ce0cb86b952d1a9178009650fc4469466602abbf914c14beb5d966084dfe2aed232c6482e1a23c95ffe72cff73a4f16dd4aa3d766cc6ad04844cb9dcf4e60d

  • SSDEEP

    6144:Wucyz4obQmKkWb6ekie+ogU6BYCH33o1HqUKn4OLSpf9i1LRL41SRW5l:Wq4w/ekieZgU65X3oNVOLqg1LRE1R5l

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-12_0c613b3d344419e1eaa875c7a11aee78_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-12_0c613b3d344419e1eaa875c7a11aee78_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:388
    • C:\Users\Admin\AppData\Local\Temp\5091.tmp
      "C:\Users\Admin\AppData\Local\Temp\5091.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_0c613b3d344419e1eaa875c7a11aee78_mafia.exe 463145A9BFF0BEF3C98D9D67BD330A9D522CF2856117D77F8B9A035EFF65C62ACC0856B3A1E6BA13F0E24317192C0D53099B44BCA063AF021E7147EA1CC5365E
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\5091.tmp
    Filesize

    414KB

    MD5

    6b1031a163f19ea7795fbfbba4b5cecf

    SHA1

    6337f132b678f63dce6a3b8c1513a927020c1394

    SHA256

    d211a48f7f8d81c587ed01e0981a99f1066f9d4538a77fc3c15313fd0b1467ea

    SHA512

    0aea5a8e52abce5e9a50b052511a0a766ce809a46653b9aec868f23040aff00c93200bf9d2dbc39b2fbcd383bff84e75a13ca0b94096a6c245b7bbe96c61560f

    Download Submit