Overview

overview

7

Static

static

3

2024-03-11...ia.exe

windows7-x64

7

2024-03-11...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11/03/2024, 12:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-11_b3e1c3ca20eb3e3828ed7d6ec39d8859_mafia.exe

  • Size

    479KB

  • MD5

    b3e1c3ca20eb3e3828ed7d6ec39d8859

  • SHA1

    8e5094df7bf83ca2398453d997d3dddf6e1c2eb5

  • SHA256

    82df04c81b9a55898b351c8b0c9b75fc8eebd941e111ca18e37fccf82f8f4622

  • SHA512

    f5717c5e476437e9d0fb8ef7bb9697611cf734ee370ec9611e52a1298427d946ee4fd04aa7c3998a682387769c3f1bd323bce2f7fe16afa912179e39a4c2b857

  • SSDEEP

    12288:bO4rfItL8HAxvZwgkXSPRdq7qCf3cHvah75UO:bO4rQtGAQlXuyq8sHvUVUO

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-11_b3e1c3ca20eb3e3828ed7d6ec39d8859_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-11_b3e1c3ca20eb3e3828ed7d6ec39d8859_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2340
    • C:\Users\Admin\AppData\Local\Temp\1CB4.tmp
      "C:\Users\Admin\AppData\Local\Temp\1CB4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-11_b3e1c3ca20eb3e3828ed7d6ec39d8859_mafia.exe 09540000DF423E2EEDFFB1CE384B237F4159617ADF69DFA2228A2DEDED24DD3B9A76642E26993FF80F16D09C588A620966694D9D43B04C4EBCEA3251B855B61F
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2884

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\1CB4.tmp
          Filesize

          479KB

          MD5

          4c3d0084f6f402a04b726c0fc7086095

          SHA1

          6a3c3299401b32430e6a7bc972c1f978c1c3f1dd

          SHA256

          86de3178c6d088811ac0dae0d172e99ccddaeb840d43d69705a3cabcaa25a826

          SHA512

          ab527e0ab8cfbe4062431bc24cd13600e6921f0d42ea0685d6298d754d6e6c705abe6a22f796463425bc070052b3c8035d181bc46c44cefb7bc74a82b9b4c3cc

          Download Submit