Overview

overview

7

Static

static

3

2024-02-29...ia.exe

windows7-x64

7

2024-02-29...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    29/02/2024, 06:04

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-29_2980adacb29b441e59e53b4dc7bd53aa_mafia.exe

  • Size

    412KB

  • MD5

    2980adacb29b441e59e53b4dc7bd53aa

  • SHA1

    a1289c46f014d4c49f9b2aec8478c1c126733824

  • SHA256

    e67dd119d577ced8d0c6321ed5520f187cae0c054f3e11e7513b1980cdeb2633

  • SHA512

    04ef918480988ae539550bd0025ac0b53b9af24ad98fc09bfef22c1331591c88a8adeec5b6e16c4920778f3b17d8899767612e8245dbb2087f2d8f73464a1d1b

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZn4G8hmlxZcN9ESzaEjUxMJizEV8cC0IX21SP:U6PCrIc9kph5FYognD+XKJizoIuq

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-29_2980adacb29b441e59e53b4dc7bd53aa_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-29_2980adacb29b441e59e53b4dc7bd53aa_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2156
    • C:\Users\Admin\AppData\Local\Temp\19A8.tmp
      "C:\Users\Admin\AppData\Local\Temp\19A8.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-02-29_2980adacb29b441e59e53b4dc7bd53aa_mafia.exe E66E32D33300146BE0D82A1291F22645FFE862FB146F2C3177BA8709B2E9F0D2D4BF5DEA457BF2803BDF0CB971EB7AB70E32DACAACEB968C938B9F3E8C855562
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2688

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\19A8.tmp
          Filesize

          412KB

          MD5

          e3118cc3da749f2ebed825d715a7016e

          SHA1

          685f08c24e99bb9cc28136caa88e86921f48738a

          SHA256

          376ef724ad19ddc5f6a307d432b0a9e02af24e86f91a58028119e58620a25133

          SHA512

          bfd1ca14ce86bc5f0ec960feeb9eb2ae477ac5733b45c098734421aac4c7eb9f4bcca077b5e33e64acc1fbe24708d2a2a44d26081f93b7fd470c7943d1dc1b27

          Download Submit