Overview

overview

7

Static

static

3

2024-02-17...ia.exe

windows7-x64

7

2024-02-17...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    17/02/2024, 22:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-17_3e570b0d1301a1175e903d0de795a547_mafia.exe

  • Size

    486KB

  • MD5

    3e570b0d1301a1175e903d0de795a547

  • SHA1

    95c79be1028459f19bea4ed6d3328b487705edb5

  • SHA256

    df57c6f2327492fb6a716008bd8db7e72c79c18f086c754d3c4f40f0f8c3dc48

  • SHA512

    684e6a452ee153828dec14646b45ec01e6d229bbf937371fb8b474260951f221330df19640edc08c4699d4d1002ee9b6c5893e5a2dc9dcea0fceae4d156c367c

  • SSDEEP

    12288:3O4rfItL8HPcU6Zn4ahJevOMT4tgUSw7rKxUYXhW:3O4rQtGPW+68UtgUSw3KxUYXhW

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-17_3e570b0d1301a1175e903d0de795a547_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-17_3e570b0d1301a1175e903d0de795a547_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2212
    • C:\Users\Admin\AppData\Local\Temp\9FB9.tmp
      "C:\Users\Admin\AppData\Local\Temp\9FB9.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-17_3e570b0d1301a1175e903d0de795a547_mafia.exe 1DFB23FEB0DBE060677631610BEB29B6BE29D29DCFCDAFD32A8B3B966B1C654D1A5255862A4D5C072DE4C95036772FB5C674905F3F72F78259BC911EE98E671F
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\9FB9.tmp
    Filesize

    486KB

    MD5

    3bee02ded621e929639ba1a8793c878d

    SHA1

    5fe431d6df9f2402cb9e4ede748337945b26f851

    SHA256

    73dbd3b23b4c0517931f4c9d5b0bbdc015ad891a01a5f6419f1e3aca555090fb

    SHA512

    65944280be31e5b183811f987e837d503e4a40e911e4c8443b7297fea979e009828cfc640afbafcfe04d44e732e25da6674cef5ceb0bd16563793e267d5b77da

    Download Submit