Overview

overview

7

Static

static

3

2024-03-06...ia.exe

windows7-x64

7

2024-03-06...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    06/03/2024, 03:54

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-06_b4f4e5c7f8232bd4647a9a03dc3a6af0_mafia.exe

  • Size

    433KB

  • MD5

    b4f4e5c7f8232bd4647a9a03dc3a6af0

  • SHA1

    ba7b645e44fb75774465b2d82dac341e7bd7ee8c

  • SHA256

    725735eae3312d4d0e5929087c5f77cdf88627c7ae9581f38036e07d57d278ad

  • SHA512

    9f40a20093c7c0b282c6ba1e2fdd1b96ed70c680f025f90b2df19db6fa566ace117b4574fd84de3957a6e4d370392fbe54c587b41cd156503258622a7665e8bf

  • SSDEEP

    12288:Ci4g+yU+0pAiv+i9q2HYJRNYEEjAzCGMnD3tGa7++JzEn:Ci4gXn0pD+bwIrVzhMbtC+JzE

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-06_b4f4e5c7f8232bd4647a9a03dc3a6af0_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-06_b4f4e5c7f8232bd4647a9a03dc3a6af0_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Users\Admin\AppData\Local\Temp\4357.tmp
      "C:\Users\Admin\AppData\Local\Temp\4357.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-06_b4f4e5c7f8232bd4647a9a03dc3a6af0_mafia.exe 6C4165DAD2E059A62E0656C3F697A77A9DFE900B416EFC3F517CEDCDE1547A047CED742590E67F372696A284AE7D4A831801F423631129A5FEAFA3C09BE3C5EA
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2360

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\4357.tmp
          Filesize

          433KB

          MD5

          39f8766941ff7eaff245608d26d74bde

          SHA1

          1629598341ea2a2c7f9f7e0c312b85fee11a7d2e

          SHA256

          572373698547cd19191ae4e71a166dea8aaed9d7801f3eff07d51f12eb48e93a

          SHA512

          0f5a2b7d6b971d9855bd3e281c141b2aebcf13aadbf6bc21544d6d625800e8a22a78a5271b4d08180b5769ea5953725631d45e30359b6860c82409fbdf220932

          Download Submit