Overview

overview

7

Static

static

3

2024-02-24...ia.exe

windows7-x64

7

2024-02-24...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24/02/2024, 01:55

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-24_e2b03529c260c89502f28c07e1964c6f_mafia.exe

  • Size

    411KB

  • MD5

    e2b03529c260c89502f28c07e1964c6f

  • SHA1

    47c7435f28d050b5cd4e51e6d0e3099c411bb8bc

  • SHA256

    4ac43389ec7a8fedfb10593819196b5b6f9a863d712715d80860282c58588c2a

  • SHA512

    fcebcf42d42f5cbfbb409a1e06b28670e88b2fea56391be4d05f90ad01fb836f5efe3cf5502aba0b603fed891bf44b15909f8780a68fb861c163a02ed2d9aad2

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mFEwxdWQayAct3afzXziWX0V51Ipv98KTbqHI:gZLolhNVyEjtQaOtqLXmw6Ir8KTbqHI

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-24_e2b03529c260c89502f28c07e1964c6f_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-24_e2b03529c260c89502f28c07e1964c6f_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2292
    • C:\Users\Admin\AppData\Local\Temp\17C5.tmp
      "C:\Users\Admin\AppData\Local\Temp\17C5.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-24_e2b03529c260c89502f28c07e1964c6f_mafia.exe 35B6418ABB572644E0E4C6520E2F53DAC2A8FB6F6620A722C664D5EB6390EA2FBFD26FA994D85E57326767E98090FA0FE454975E18AD8F69839EF9BC9C16C0D5
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2472

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\17C5.tmp
          Filesize

          411KB

          MD5

          0ff27bdd87e53f26e2d9dfe8637f8408

          SHA1

          f48153b6bd1e40220721f669fea2e3eaf66afa2f

          SHA256

          c53fa7871934a2b0820408e872a47ed1ac07d4b669ccbfb450334c02fdbf88f7

          SHA512

          6a013277806156c4701806b8da826c5809390b62659b612ff4f8032716035b5450f06073ae099f23d6964a0262d6011a1bc7d53cdc527a3a1155d283f2f4a70c

          Download Submit