Overview

overview

7

Static

static

3

2024-02-19...ia.exe

windows7-x64

7

2024-02-19...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19/02/2024, 09:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-19_68d77e5bbee3c883bcc2c9879c8f2f56_mafia.exe

  • Size

    473KB

  • MD5

    68d77e5bbee3c883bcc2c9879c8f2f56

  • SHA1

    0842e8d9b2beca784d7dcbdbbaa1c5f1f1d5cb52

  • SHA256

    071b7d7e9935740dfa903a786d7c2203a3a392d912d875527c5c92c0dd9a4741

  • SHA512

    cfa4f1aaa2de8fe88326ee7f36d9f524fe5a83b56356eb67ed0b30b001c56cd2d6516343a4515b90be451e2f385dadacf05a4422af4585e0ffadeed27a6694e0

  • SSDEEP

    12288:Nb4bZudi79LS6bxuC2OlcNp/TM01MWbUA0a:Nb4bcdkLSBT/TMp4

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-19_68d77e5bbee3c883bcc2c9879c8f2f56_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-19_68d77e5bbee3c883bcc2c9879c8f2f56_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:812
    • C:\Users\Admin\AppData\Local\Temp\84F8.tmp
      "C:\Users\Admin\AppData\Local\Temp\84F8.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-19_68d77e5bbee3c883bcc2c9879c8f2f56_mafia.exe 6543156A2759BB32660226255787536D53934E93E8F3A1F6EE78BD9796A0B968884BDBF6168CA051A0E42A65212E512177E2FD4115BCDFCD0CB631992952267A
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2368

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\84F8.tmp
          Filesize

          473KB

          MD5

          e841c58c4d97fafeaeafd981251ac0f3

          SHA1

          ee3c8e03e2cecfde24d260e3dffb9f9c493aabc7

          SHA256

          8299ba507ab519dbf8c56ce3dff2b753848b0513b735185241e0a7213612d3ae

          SHA512

          a267d5ff5b96a13a07f3e68eadafc9ad0452df06a4db7475cc3a7ad2c1f8b7fa8dbac0b132a76f832eb55944021ce6acf108e5e34ba4661162b5ecd6861c08c9

          Download Submit