Overview

overview

7

Static

static

3

2024-02-14...ia.exe

windows7-x64

7

2024-02-14...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    14/02/2024, 15:27

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-14_730890c577f18c324b0e98b3f3636e9f_mafia.exe

  • Size

    384KB

  • MD5

    730890c577f18c324b0e98b3f3636e9f

  • SHA1

    6602bc8f991c525e8be04c43efba1534f226d9d4

  • SHA256

    8639030f56e301e0483601eb79e2a97a2d5410525506a44a841c6431915383b7

  • SHA512

    1c128f26c0c0294e36bbce2e28566bb341cc1e99cb96a1d5e03f2c2a4e847338b3fbb54fc78b29aa8fb72337889bea05ab85780b39f0297558ff1d216d90baf8

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hHq5MHlxmOOWuwH/Od+lSiBkHRqWwevqSjO/7Q6Z:Zm48gODxbzplsOvVOdeBkHoki7Q6Z

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-14_730890c577f18c324b0e98b3f3636e9f_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-14_730890c577f18c324b0e98b3f3636e9f_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2124
    • C:\Users\Admin\AppData\Local\Temp\70CD.tmp
      "C:\Users\Admin\AppData\Local\Temp\70CD.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-14_730890c577f18c324b0e98b3f3636e9f_mafia.exe 7D716F2AF39E3C49577EE859EE9272D12FEAE050BE4AFA6210BC78052602BCE29574A33AD7F1972B6EED409A92AA64C75EB206811CB0978074B3E6ABF313B96E
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2412

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\70CD.tmp
          Filesize

          215KB

          MD5

          f2a57d3f9a9329acc68dba80be0d3332

          SHA1

          39b05d248e31b7c4edd4b6c35858d335e6ca3037

          SHA256

          bb7df60811effaeec308638b5e5be000085b395a5d9c8e9d153ea14a75491891

          SHA512

          d91cff366f2b527f3d483d8dcd819559e6e4cec50ab355d03d06be5d8f989c6452a70cd86ad03539f7e81fd405ba007a9d965c5830af4f416e3dd984075c4ade

          Download Submit

        • \Users\Admin\AppData\Local\Temp\70CD.tmp
          Filesize

          384KB

          MD5

          66f3d671d072ca9db4f36b6e15206b4d

          SHA1

          d4c8b24d0154e5117ab7d78764bff709873c22e2

          SHA256

          ebc79bfdb47c7218404baecc3f60df9359cbf3760a764d4128fbe1f921b066d7

          SHA512

          bdf1fdba41cc1010da2d7e5e3bd8012224fa2d1cb5076e3c7e9b18a333788460e2477761099709586601f6d605739f2049f5b9455f6b06f32041326fdd6b882f

          Download Submit