Overview

overview

7

Static

static

3

2024-02-23...ia.exe

windows7-x64

7

2024-02-23...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    23/02/2024, 06:43

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-23_67a113bba073d460d57ebc4813525dfc_mafia.exe

  • Size

    435KB

  • MD5

    67a113bba073d460d57ebc4813525dfc

  • SHA1

    51e3ca175c4eb7b6f67ba5cab692f528618a6304

  • SHA256

    448aec7500ba7d80bd07e634e44c4870d3f47f65ec2460ceb913c2ec3cea6e85

  • SHA512

    f2dd50db21aa2d9ea405f5feee6173fc644807a28d785e7f05a614977c40f922a291d29a7418281b0e464006cf6686ceda69b731631e8aedb4255fec559f430a

  • SSDEEP

    6144:fJvyW4ojUnQjx4qePix+qXQjBY5SH6tmLra1WB0e17ucjr+41xlnx6bNrVl0+W5k:fd4x+ePixnXQjzH3y7Mj/ybNtW5l1wP

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-23_67a113bba073d460d57ebc4813525dfc_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-23_67a113bba073d460d57ebc4813525dfc_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Users\Admin\AppData\Local\Temp\1120.tmp
      "C:\Users\Admin\AppData\Local\Temp\1120.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-23_67a113bba073d460d57ebc4813525dfc_mafia.exe FF4EB0571483CA8D4923C8F0494E7ED37B0D6A957BAE7501ABF8BE575C093ED37F6C076B4A30674B9D2AB23E092788FC50FC85331958DCD5B4130A1BAB02BE0A
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2748

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\1120.tmp
          Filesize

          435KB

          MD5

          16f20e85cf41a2a4306b21a1200ae00b

          SHA1

          21198ffa5771be0b9774d69becd697b78c31638c

          SHA256

          f68043a6e7af8aa9bfefcca8e12810c8cae74d07066bccf1a365f8c5ca5e5869

          SHA512

          f32b7c68a46d4d44d41f58f29a3eb01974d0f0bf135da81865398a665e956bb375276d3d290449f7b5c5609ef3032f7c8922dfb364b1c36c835097cb9a39e59f

          Download Submit