Overview

overview

7

Static

static

3

2024-02-19...ia.exe

windows7-x64

7

2024-02-19...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    19/02/2024, 08:31

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-19_48b19e7520ff802f5bc0ecc0542fe5ac_mafia.exe

  • Size

    435KB

  • MD5

    48b19e7520ff802f5bc0ecc0542fe5ac

  • SHA1

    dc27add47635d50f0adf2db01ae13021ba1807ff

  • SHA256

    1244d64b0c6759ce779e8c107594762d9d8ebb4b3019b037b4030d8b63facfed

  • SHA512

    603055b5abfcc43277e5ce48e85c5950d1f927ccbd1501925990fe4a89acbed249dbf78e4745c926ba5e229cf347d60501460102be576309be20a09e506a6f07

  • SSDEEP

    12288:fd4x+ePixnXQjZgnPKsN8TajrV+cQiIInFewP:fd4x+ePixAjZgnZtV+cQiI2e

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-19_48b19e7520ff802f5bc0ecc0542fe5ac_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-19_48b19e7520ff802f5bc0ecc0542fe5ac_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2360
    • C:\Users\Admin\AppData\Local\Temp\4E1.tmp
      "C:\Users\Admin\AppData\Local\Temp\4E1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-19_48b19e7520ff802f5bc0ecc0542fe5ac_mafia.exe B9E65731AD4533EC78BD0983EFDA13F90D2D1A02520D954A537ABC4E3D0786138C27E800702EEDD915ED78D6F5DB854208744E6C860F25C6834DD8F191D824F9
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2368

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\4E1.tmp
          Filesize

          435KB

          MD5

          c04b6b460dbd688e08b4319a3fc792f4

          SHA1

          ada77a3df8dbc0d9e3c086b9af98cbebad276aa6

          SHA256

          0c5e98bbe39d77fcdc4ee71895d10d06e322b918a7eed95fecf3f034b41472ce

          SHA512

          0f059155d16a6ea11ce7edf9a1be2911c4aacabb6fce15106f927c69f8392b6ff57c722947e9f75ab267f060850904b261f8b7568562d3ca1d23f39f9e4c3f83

          Download Submit