Overview

overview

7

Static

static

3

2024-02-25...ia.exe

windows7-x64

7

2024-02-25...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    25/02/2024, 16:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-25_1f037d7e2eb7ad026ab5e8141aa3859a_mafia.exe

  • Size

    476KB

  • MD5

    1f037d7e2eb7ad026ab5e8141aa3859a

  • SHA1

    7aa0bbdf48f30353b6829b487057586393c35b41

  • SHA256

    342f5ebb71ebbe121d22b8517624e87097102a22a8fe717cba859cc05f252250

  • SHA512

    3b59dd7a6efcd1916636d42a68bf2a95ded902038f9bbc6584ef72dbd694019fa81773a7d28364f0e7b37cf4a8c03bb956b180395cc61632bcda01aa7b627ea8

  • SSDEEP

    12288:aO4rfItL8HRW5/hwgIKSfYV/ESdyYlaaPg/E7K9wlsDpVFd:aO4rQtGR8hwmSfYVbdyYlK8+9wlsDpVT

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-25_1f037d7e2eb7ad026ab5e8141aa3859a_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-25_1f037d7e2eb7ad026ab5e8141aa3859a_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1856
    • C:\Users\Admin\AppData\Local\Temp\55ED.tmp
      "C:\Users\Admin\AppData\Local\Temp\55ED.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-25_1f037d7e2eb7ad026ab5e8141aa3859a_mafia.exe 07290936146030516116BF353435E654DFB0E88BA8A946BF45C587F4F5B40DE95403202184679BDAB82C95D08DEE92A9459DD26952131637F539FBC452381D20
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2236

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\55ED.tmp
    Filesize

    476KB

    MD5

    a160a34caf0a7661f5215f91a0725af2

    SHA1

    2d43decde9a664fe01e794bfbf0475af53e43071

    SHA256

    5b75bf18d84d2f4b1ae5927b5a62a1a2f3f6604ee462081d3f9c489b433ca9d2

    SHA512

    2cb833944ff6342a60cd1411233b5df5eaa7c6690f06794d3a72d8f0d6a5dee0867dfae2f3ebda431abc26b134805328cc781c486d870ca2cbec1d1591d2ea1d

    Download Submit