Overview

overview

7

Static

static

3

2024-02-12...ia.exe

windows7-x64

7

2024-02-12...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12-02-2024 17:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-12_fabaad76edd1d20c5e45a4a65d368f2c_mafia.exe

  • Size

    414KB

  • MD5

    fabaad76edd1d20c5e45a4a65d368f2c

  • SHA1

    31db2f9dcf33b6f8a62a279f60ebdbec1cedb19e

  • SHA256

    79daf930f7e2466f2d4c61a82f7a878463d57caee04aa5d8bb8fa34a9dbcd025

  • SHA512

    592d6a32e464d723b33398c59e354208d6b2f31a8bab60beb2d258f43d350d1ea1eba64b70d90fe682dc44207e700bbb211a1949afbbde207b1510267343e6e5

  • SSDEEP

    6144:Wucyz4obQmKkWb6ekie+ogU6BYO1pNniYyz1gOlPTdrkpa0cvspM9l8iNRl:Wq4w/ekieZgU651pNy7bwa0wspMkol

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-12_fabaad76edd1d20c5e45a4a65d368f2c_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-12_fabaad76edd1d20c5e45a4a65d368f2c_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Users\Admin\AppData\Local\Temp\3C64.tmp
      "C:\Users\Admin\AppData\Local\Temp\3C64.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-12_fabaad76edd1d20c5e45a4a65d368f2c_mafia.exe 2CF68AF6FF7F4D036928F5B6CA9BFDC87011E8ED363AEC0D1DB2C47F837F0099A802BCEBAE0AEE979C593ED243875BDFA394402212338DD92031EF5FF3E23DEB
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\3C64.tmp
    Filesize

    414KB

    MD5

    aed207b201bd81d9aacd9910cc2d9a27

    SHA1

    e4daf01fdbe42c429ba1973864f12bf2dc225380

    SHA256

    7177a6a04c97f3c6c62a598c46f10f39f954678064fad275c6142e4fc75e245e

    SHA512

    6d139ae70edc04556507c2788cdea9baeb09fe1cdc1f38583876d3224b418e8d21df2c0ba6be605f6ef894688b1cc2664292eaab34fe34a3e0a1f5c8af88ba82

    Download Submit