Analysis

  • max time kernel
    142s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    27/02/2024, 20:58

General

  • Target

    2024-02-27_eb662ed36309bcd0b652d8dacc881f4b_mafia.exe

  • Size

    435KB

  • MD5

    eb662ed36309bcd0b652d8dacc881f4b

  • SHA1

    ec75a89309cf722d66e1ef05b4fdaee4fbaea1f0

  • SHA256

    f92bff028fe42166548cb03cd1f336492796068030e4aa413ed886be5f45cc48

  • SHA512

    b80c4e993ceb71d3f8ea5c09227184650009b2dd91d68b94778b60a124fdafb8ddaa83a8429c7234c069443a3951730f64ca3099a3ad4a48234458bbc0cc8aca

  • SSDEEP

    6144:fJvyW4ojUnQjx4qePix+qXQjBYkG1uL+1lA3cvvbHzFadBTO0gn3GVbfnAuW4w9J:fd4x+ePixnXQjt+AsrHMPTO5G5fNLwP

Score
7/10

Malware Config

Signatures

  • Deletes itself (1 IoC)
  • Executes dropped EXE (1 IoC)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-27_eb662ed36309bcd0b652d8dacc881f4b_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-27_eb662ed36309bcd0b652d8dacc881f4b_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2076
    • C:\Users\Admin\AppData\Local\Temp\EA8F.tmp
      "C:\Users\Admin\AppData\Local\Temp\EA8F.tmp" --help C:\Users\Admin\AppData\Local\Temp\2024-02-27_eb662ed36309bcd0b652d8dacc881f4b_mafia.exe A9C544D1F74F35AA22300B8B743E8A4B386F946AEA0598ABF2E6EC2971CAB2555E96132B3B16304AF2BF6CD2D354D0ABB35F87168ACF07F3DB2A2ED17202E006
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:432
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3720 --field-trial-handle=2252,i,16504368816373493055,9578615028378602855,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:2576
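The process tree above shows the classic self-deleting dropper sequence: the submitted sample writes a second 435KB executable to the user's %TEMP% as EA8F.tmp, launches it with its own image path on the command line, and the child then removes the parent. The script below is an added example, not part of the sandbox report, that flags that sequence in Sysmon-style process-creation (EventID 1) and file-delete (EventID 23) records. The sample events are constructed by hand from the report's process tree; the FileDelete record and the explorer.exe parent are assumptions, since the report only reports "Deletes itself" and does not show the delete event or the top-level parent.

```python
"""Detect 'drop helper to %TEMP%, pass it my own path, let it delete me'.

Added example for the report above, not the sandbox's own logic. Field names
mirror Sysmon's; the events are constructed from the report's process tree.
"""
import ntpath
import re

# Per-user temp directory on a default Windows install (assumption: no redirected %TEMP%).
_USER_TEMP = re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\local\\temp\\", re.I)


def in_user_temp(path):
    return bool(_USER_TEMP.match(path))


def norm(path):
    # Case-fold and normalise separators so path comparisons are not fooled by casing.
    return ntpath.normcase(path)


def find_self_deleting_droppers(events):
    """Return (rule, pid, detail) findings over a list of Sysmon-like event dicts."""
    procs = {}      # ProcessId -> ProcessCreate record seen so far
    findings = []
    for ev in events:
        if ev["EventID"] == 1:  # ProcessCreate
            procs[ev["ProcessId"]] = ev
            parent = procs.get(ev["ParentProcessId"])
            if parent is None:
                continue
            img, cmd, pimg = ev["Image"], ev["CommandLine"], parent["Image"]
            # Rule 1: a temp-resident parent starts a temp-resident child and hands
            # the child its own image path as an argument (EA8F.tmp --help <parent>).
            if in_user_temp(img) and in_user_temp(pimg) and norm(pimg) in norm(cmd):
                findings.append(("temp_helper_given_parent_path", ev["ProcessId"],
                                 f"{ntpath.basename(img)} launched with {pimg} as argument"))
        elif ev["EventID"] == 23:  # FileDelete
            deleter = procs.get(ev["ProcessId"])
            if deleter is None:
                continue
            parent = procs.get(deleter["ParentProcessId"])
            # Rule 2: the deleted file is the image of the deleting process's parent.
            if parent and norm(parent["Image"]) == norm(ev["TargetFilename"]):
                findings.append(("child_deleted_parent_image", ev["ProcessId"],
                                 f"{ntpath.basename(deleter['Image'])} deleted its parent {parent['Image']}"))
    return findings


# Constructed sample events modelled on the report's process tree.
DROPPER = r"C:\Users\Admin\AppData\Local\Temp\2024-02-27_eb662ed36309bcd0b652d8dacc881f4b_mafia.exe"
HELPER = r"C:\Users\Admin\AppData\Local\Temp\EA8F.tmp"
BLOB = ("A9C544D1F74F35AA22300B8B743E8A4B386F946AEA0598ABF2E6EC2971CAB255"
        "5E96132B3B16304AF2BF6CD2D354D0ABB35F87168ACF07F3DB2A2ED17202E006")
EXPLORER = r"C:\Windows\explorer.exe"  # assumed top-level parent, not in the report

SAMPLE_EVENTS = [
    {"EventID": 1, "ProcessId": 1234, "ParentProcessId": 1, "Image": EXPLORER,
     "CommandLine": EXPLORER},
    {"EventID": 1, "ProcessId": 2076, "ParentProcessId": 1234, "Image": DROPPER,
     "CommandLine": f'"{DROPPER}"'},
    {"EventID": 1, "ProcessId": 432, "ParentProcessId": 2076, "Image": HELPER,
     "CommandLine": f'"{HELPER}" --help {DROPPER} {BLOB}'},
    {"EventID": 1, "ProcessId": 2576, "ParentProcessId": 1234,
     "Image": r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe",
     "CommandLine": '"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe" --type=utility'},
    # Assumed delete event: the report states "Deletes itself" but does not show it.
    {"EventID": 23, "ProcessId": 432, "Image": HELPER, "TargetFilename": DROPPER},
]

if __name__ == "__main__":
    for rule, pid, detail in find_self_deleting_droppers(SAMPLE_EVENTS):
        print(f"[{rule}] pid={pid}: {detail}")
```

Both rules fire on PID 432 here and neither fires on the msedge.exe utility process, which is the unrelated browser child in the tree. In production the temp-path regex should be widened to cover redirected %TEMP% locations and the Sysmon FileDelete event only exists when that event type is enabled in the Sysmon configuration.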

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\EA8F.tmp

    Filesize

    435KB

    MD5

    1826f557c6ae03413fa1cad765c64baa

    SHA1

    044700b8d6184632d5d4dc47461df05fabe1d067

    SHA256

    43d06280dade1fe426e40b9bc6e29019d1fd13bf602d4af9722d1ed3a87cc54d

    SHA512

    b0af7e865efd9752a08bdc91725cec89abcc494491eda883dbfbecd5517a55f7f829a9ab4e1c176c4837fb397cc027a56550e4d31870312474c62065b0bc456d