Overview

overview

7

Static

static

3

2024-02-24...ia.exe

windows7-x64

7

2024-02-24...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24/02/2024, 01:56

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-24_e5c2e395e66d350da7a224cc006651bc_mafia.exe

  • Size

    411KB

  • MD5

    e5c2e395e66d350da7a224cc006651bc

  • SHA1

    5f8f87bb1f64994fad2bd275f69943279929f6a4

  • SHA256

    62a72d707f7652e18bddb27471fb31544e9a17fcacdfd09e146e45d14c43c489

  • SHA512

    fd46c9a88ebf94fc5f2e1beb3e917e79759b46c90443358c08a07f0039d09b07fcd04e893218184bfb907b6c94a3fed06ccf93d7ed2d53d1ed31dd75b0c20447

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mFIbVN8bCr67GhAI2feCFDwNNWVqHI:gZLolhNVyEzbYS082FuWVqHI

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-24_e5c2e395e66d350da7a224cc006651bc_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-24_e5c2e395e66d350da7a224cc006651bc_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:300
    • C:\Users\Admin\AppData\Local\Temp\6529.tmp
      "C:\Users\Admin\AppData\Local\Temp\6529.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-24_e5c2e395e66d350da7a224cc006651bc_mafia.exe C8E62C9813D5FD0E43921A93D73242526EEF4C8A80EC904214676F7BA582C4C697B5216A2661733BC322C8244FF4C39DBD9B822E95FB8D3418169612296014D9
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2020

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\6529.tmp
          Filesize

          411KB

          MD5

          4aa43fa3ed6d92cb9e8dab862c9ab4f5

          SHA1

          039633bdad1812ce86328525bd465960105abbe7

          SHA256

          f1af5d724b3b7f124bd4b329974f0e30c1ccf43efefa48ce5570ab0556690b9d

          SHA512

          4a1dbbf7c0520c11aefd7ddf9a491089269cbaa54ddf718b35aee376e68aff7bc27c1000e616ed2e014dd1cd1f587fe459ea41539102ac2dfa5e3f592970b8e8

          Download Submit