Overview

overview

7

Static

static

3

2024-02-12...ia.exe

windows7-x64

7

2024-02-12...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12-02-2024 17:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-12_9d8b66881928c8638e2c1135cd319a19_mafia.exe

  • Size

    479KB

  • MD5

    9d8b66881928c8638e2c1135cd319a19

  • SHA1

    5b8485638008da85cc9227118269e339b2f392d6

  • SHA256

    d39e98ade8058a323ff38a9aafd0baeb911cd87c620504022c707a050aa27b42

  • SHA512

    9eb3a21e6fe7e8c0178a3441bcf8ce2971fa33e09dbe86d6dfd681f60967f3b69a262dfc71326a406c2325f4aa6ca56ff26bd1f0e00c4bf51ddaafde3032ee01

  • SSDEEP

    12288:bO4rfItL8HARaXN36wy6s1+7w0jNDTYPodMnA+ShB75UO:bO4rQtGARaXNK9Ww0jN3Yw+fShBVUO

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-12_9d8b66881928c8638e2c1135cd319a19_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-12_9d8b66881928c8638e2c1135cd319a19_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2848
    • C:\Users\Admin\AppData\Local\Temp\4FC5.tmp
      "C:\Users\Admin\AppData\Local\Temp\4FC5.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_9d8b66881928c8638e2c1135cd319a19_mafia.exe BE1F26C967B87713065684469508A6253306A0D0C29F98978C57CC2D9A3B2EC3F2405F68B110DA49425C074C1C65E083336F1C78D9C12EC604833A8E2B766AD7
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\4FC5.tmp
    Filesize

    479KB

    MD5

    2d962f44743e43e9ef63db54159a5fb5

    SHA1

    c98421ec75b9be9ffa1d799cf7b044be1583aea7

    SHA256

    6983666be8827bff02bc08484e43e1c995083b8762cbe9a4966438300536ee9a

    SHA512

    a279f59c6695b42c8cd67115814bb48a84858707ae36b4bd1f1700e15e7fc50234f5b4bab457edb68e9e8fe97f18c4c684addf1bb18cf9f5f62f06e3d8f39436

    Download Submit