Overview

overview

7

Static

static

3

2024-03-06...ia.exe

windows7-x64

7

2024-03-06...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    06/03/2024, 17:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-06_2d9f0e5942a093118e872609f431e699_mafia.exe

  • Size

    413KB

  • MD5

    2d9f0e5942a093118e872609f431e699

  • SHA1

    ba99c804283784e25bccc5287ef42d35b54ef063

  • SHA256

    d008f7d1a0eb6284b738a318e8282c2a91cbb418a2d235d20a535337e1624ec1

  • SHA512

    975838d604790b79807f684f71336d9847971ec2e01ee45be720cdda39b9a8788b7d6d27dff690d6f212f2ba1577447556f955a78d05cf347a1d8ccfe475f22f

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mF/nXaT9aJTNSfF+WLp0a6YqyLfzIJ7eDX6qHg:gZLolhNVyEUnXaR4UFwaxqyL7cA6qHg

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-06_2d9f0e5942a093118e872609f431e699_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-06_2d9f0e5942a093118e872609f431e699_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Users\Admin\AppData\Local\Temp\16CB.tmp
      "C:\Users\Admin\AppData\Local\Temp\16CB.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-06_2d9f0e5942a093118e872609f431e699_mafia.exe 4C276E9B17EBFF0EF8FD431AECF86A1473FC8EC1CCB49774ADEF63B1A53817897F7AC80FC5B9DB0493F945BA22451E48FD580AA0C69A5A8A46A5CBE898A17E2D
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1796

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\16CB.tmp
          Filesize

          413KB

          MD5

          652627ae5e7769b5cdf940a90c13ae65

          SHA1

          24bc585b86f166be900ac0d3de4863fc8cb78086

          SHA256

          e033176be6b96f5275db0e886c2c51855d268f0d63d3311504fdf819d4a4f661

          SHA512

          fa2282b9fd03ead6cc661bfafcfe876b6f7a9ce1546694d53aa796456911f24df8646841946a3fbf4fe15a67de192bdd1b249f37d793ac83caa9fa9124794899

          Download Submit