Overview

overview

7

Static

static

3

2024-02-25...ia.exe

windows7-x64

7

2024-02-25...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    25-02-2024 08:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-25_bf94ec99ebbdb06fa3291da575aa1b59_mafia.exe

  • Size

    444KB

  • MD5

    bf94ec99ebbdb06fa3291da575aa1b59

  • SHA1

    b5f24c1d88b73aa5f7f5a77a9d620cb827ea9336

  • SHA256

    a5f682609e199d9754130b4db48b1f35de7fa9b91cfeb860fa0c3eb81ff0a5d6

  • SHA512

    0b79a96c5045cc38deec78269e2a75051a45352e561e2b792f5a0786aa704f7c13cdbbbf3db7ee9806d919de8d7247010d5b35a0783a4d02a079a86f4c2631aa

  • SSDEEP

    6144:fFrJxvldL4c5ONK1xgWbd1s79+iStZ0ChWqPz7mU0mqLfkg+48WpDO3GzDgNn643:Nb4bZudi79LtxTCWpDOP64mnnDA

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-25_bf94ec99ebbdb06fa3291da575aa1b59_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-25_bf94ec99ebbdb06fa3291da575aa1b59_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:3000
    • C:\Users\Admin\AppData\Local\Temp\7BF3.tmp
      "C:\Users\Admin\AppData\Local\Temp\7BF3.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-25_bf94ec99ebbdb06fa3291da575aa1b59_mafia.exe F4FE49735A66B46B7485548288172A354552DB0B144A98D8DC1DA0CC106837BB88D5738AE36955272306AC732AD1AB1274BC64BB109EAC91145176D7DB00C1A4
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7BF3.tmp
    Filesize

    444KB

    MD5

    cb68509122e4eaea4c5292bce9e0990c

    SHA1

    3f99353292d00a39d6061e4d8d4ea00d96520ca2

    SHA256

    d4bd61982723d2f59361cf2e32f09f8488e8ba40af8caf9d694a2f25f4d59812

    SHA512

    4c5cbb508ce43daa95e7a74b20e0b35baed473eeed282207fbf29397c411fd69c325f77b5bf82518f765add867216aa5ef3a55f51c61bdfa0a741a5e7e56389a

    Download Submit