Overview

overview

7

Static

static

3

2024-02-18...ia.exe

windows7-x64

7

2024-02-18...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    18/02/2024, 22:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-18_0d87fd11a160f7184ded3aadfa23e84c_mafia.exe

  • Size

    433KB

  • MD5

    0d87fd11a160f7184ded3aadfa23e84c

  • SHA1

    62f380f1e076586621008e2065cce79e13d8b8a8

  • SHA256

    ac6c45f7d2724904dd774e8a88b093a08907a86aca5faa203a3c7acaa88b05ca

  • SHA512

    3e6928eb9c8d0332472971135cd0638aefbc4abd8bcbb996c00a038549d096fdd93d5338bf17ce0ee6fac70a68594deaa9411230eea231a5b3a1627c9c40818b

  • SSDEEP

    12288:Ci4g+yU+0pAiv+mS4cKJWdjmBDkq7plJqj0tONG9n:Ci4gXn0pD+r9AMZNGl

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-18_0d87fd11a160f7184ded3aadfa23e84c_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-18_0d87fd11a160f7184ded3aadfa23e84c_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1624
    • C:\Users\Admin\AppData\Local\Temp\1842.tmp
      "C:\Users\Admin\AppData\Local\Temp\1842.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-18_0d87fd11a160f7184ded3aadfa23e84c_mafia.exe E9F0325F62A7C0E0C7CD0B0788E244FA1027CF6C879C7707B802A8590DF3D78B25402B1910973E51981FE061FB825D963CE19BBCDBC1A3AD3905AC84D0D4E45D
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2968

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\1842.tmp
          Filesize

          433KB

          MD5

          f9f816bee11ede0a5e3c161ac486f5e3

          SHA1

          c030b8fc74d32f4fabcb6f000421d7aa31cf4e41

          SHA256

          eae87425fe06ac661da9ba616926bcdf6bcdf41bb61a10f44533490c0053458b

          SHA512

          85363ec05c01f2ac42a469d4cb08f435be8aeea600e3112b1a47c1b8ac032a6211c8f2cd81ab7b9dbaeee24ec6752af42a697dc9149859ac6dde90506469c469

          Download Submit