Overview

overview

7

Static

static

3

2024-02-18...ia.exe

windows7-x64

7

2024-02-18...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    18/02/2024, 18:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-18_c3b705b799a896b6161147ade5a8a2f9_mafia.exe

  • Size

    435KB

  • MD5

    c3b705b799a896b6161147ade5a8a2f9

  • SHA1

    a9dfefe3991225174e2c99071a9a9a30a94d1d58

  • SHA256

    29f1bcdd1ea5855fe3d5b30b4ac0666e3fd61d0bfadb57e8fa705bd2472952b2

  • SHA512

    34cf6ce3d8d4c8fd178a19576538ea4768a014f70d1037eb1ba477b3f38fd9b91687c2b13e1143e05efcb11a4ed0f4aa33b418a3190970c17a5462b6c4dd7716

  • SSDEEP

    6144:fJvyW4ojUnQjx4qePix+qXQjBYzaCZSBnLsbn/F8xGg6uGUIDjaUl1H3fw9J:fd4x+ePixnXQjALABIb/eJkL1vwP

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-18_c3b705b799a896b6161147ade5a8a2f9_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-18_c3b705b799a896b6161147ade5a8a2f9_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Users\Admin\AppData\Local\Temp\5E94.tmp
      "C:\Users\Admin\AppData\Local\Temp\5E94.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-18_c3b705b799a896b6161147ade5a8a2f9_mafia.exe 480F2DA4957D606533F9BD0E311CB57883AC69A55587353FCCD43BB5461E95572A4F871EB6B2FEB48806B447516A37C3AE616FBD6D7B6997E7D51B23C064D850
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2728

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\5E94.tmp
          Filesize

          435KB

          MD5

          0ab5a0b614214da5b4dad724536a5ae4

          SHA1

          cda3d23e65ca0e4000a278e3d3fbfb2b6f733bc4

          SHA256

          55848ca3c5e7c8ae20189dc25c1ec509ae4bd7ea0799bcd7e8c99e03ade64acb

          SHA512

          05b08975344425c25b77dd3f72906e8d9d23c12e9103640f492116ec77fbc0d3ba7967b55946c5318f0380cf8e30b337938fbaace017911f7d4416b292bc4b5c

          Download Submit