Overview

overview

7

Static

static

3

2024-02-28...ia.exe

windows7-x64

7

2024-02-28...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28/02/2024, 08:09

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-28_e0e4021329df7556428c0f14a9a62ce4_mafia.exe

  • Size

    414KB

  • MD5

    e0e4021329df7556428c0f14a9a62ce4

  • SHA1

    8d48a0c35044def3259c4f5c10de31d11d7e436e

  • SHA256

    2009eccc9f754ff2590933b54eefed5a766d4aa35eabaa415d9b18bf36a2cf4a

  • SHA512

    ab008d35dd33a13487387ec35354149c9504ff04479bd6ff4cebe132ac67e5328a252a15836b22a5fab83efb2adb3073dfff55ee07e08cb8516980dc3bf2730f

  • SSDEEP

    12288:Wq4w/ekieZgU6vma01dBYIsXJ6Pd8wZe7cQ0El:Wq4w/ekieH6l01dO+5Zert

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-28_e0e4021329df7556428c0f14a9a62ce4_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-28_e0e4021329df7556428c0f14a9a62ce4_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2892
    • C:\Users\Admin\AppData\Local\Temp\3FCE.tmp
      "C:\Users\Admin\AppData\Local\Temp\3FCE.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-28_e0e4021329df7556428c0f14a9a62ce4_mafia.exe 0F279FB60741D7A86206627558EC1631094B1DBA56CEA16C583D0F88374C2DE8262E735C4429ACB1B0B881AF2496E9832480423487314DA9B699FABE5AEBEF7C
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2064

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\3FCE.tmp
          Filesize

          414KB

          MD5

          3cbf7d675285d61f5c3ad76211fea6aa

          SHA1

          5fa78d3043d7af97d5004d5487d3019080e435bc

          SHA256

          89c966f67e6d4d12368a560859c70daad4e70bcdf90df2db14adac7cdaaa0e36

          SHA512

          a1d11b5e6e92e3fdc475587f7a6b503878b1a2f5956ba1eb6f0d06599cef236f05fcac5ab08c2315cb32661343084235c87f57de50114ec102c7a8c0c62e3c0e

          Download Submit