Overview

overview

7

Static

static

3

2024-03-05...ia.exe

windows7-x64

7

2024-03-05...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    05-03-2024 23:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-05_03cc798f149bff3b0ba1ce176ab99dbb_mafia.exe

  • Size

    468KB

  • MD5

    03cc798f149bff3b0ba1ce176ab99dbb

  • SHA1

    42cb691919feaeccda0c2ee1499c493dcf77ba2a

  • SHA256

    ac7ef5a05e702c734845cee68e856fcd644ca485cee81ad162518c838a8f46fc

  • SHA512

    114f43e0dfb3751f43f6619d3abb2cfdf5b05c03c037dbd537f74df0cc8c2ed2f7557e8d079168f463d62ed64b9964c0b20a8bba17b5cce966c15c773f4888ea

  • SSDEEP

    12288:qO4rfItL8HGfel4PWHFiYgpvbaWOkyw7bWmeEVGL:qO4rQtGGfel4AFitj2YumeEVGL

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-05_03cc798f149bff3b0ba1ce176ab99dbb_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-05_03cc798f149bff3b0ba1ce176ab99dbb_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2024
    • C:\Users\Admin\AppData\Local\Temp\3FDE.tmp
      "C:\Users\Admin\AppData\Local\Temp\3FDE.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-05_03cc798f149bff3b0ba1ce176ab99dbb_mafia.exe 63411227C3E008F8454A0672077A5CE55A2CAFAC97F44228F63A0950B369638D0A98177FAD9435F653E40C84BD4925E756024616488564BE8636CDA24BA95C6F
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1660

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\3FDE.tmp
    Filesize

    468KB

    MD5

    635d860e6063169574f669b6e38346ed

    SHA1

    546be039dacee20e97242de0638785af00427697

    SHA256

    665a3fca9d208393c59b5a3b541d04be6d4962bd131c10e8c327f05159feaea8

    SHA512

    d9aa1e24202244888086498ce4733c06e6a8afd12232a80af8e18c495e7f8adaaae57f2017d624fbb27ee4d68a4f85346b6a58d5014db6abab737b5cdcf18f82

    Download Submit