Overview

overview

7

Static

static

3

2024-03-14...ia.exe

windows7-x64

7

2024-03-14...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14/03/2024, 08:27

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-14_18b5fad2b2cc6a12a864c8f3d4c19398_mafia.exe

  • Size

    479KB

  • MD5

    18b5fad2b2cc6a12a864c8f3d4c19398

  • SHA1

    60f95c5b7d5548bd710cfce2cac81c46643e0a19

  • SHA256

    daa9857698bcb019036a952693c26fb5539638bda5feb729ea79bddce3102e77

  • SHA512

    462b243ce6f5b621812134a08c91a018b70a7d2b6f0f964ddf0c2b290f178f7ce48c4ec408bc45449b52e5f57063b9920a9a685244e58ee0dffbd8d800f87e3f

  • SSDEEP

    6144:b9EyS4oMxIkjxcWqHtg88HARRAtgmZnjnfoMZ4uqQJgqfbwH9v/e4IL6v75UNY:bO4rfItL8HA4jAMGuPGoyXoLs75UO

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-14_18b5fad2b2cc6a12a864c8f3d4c19398_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-14_18b5fad2b2cc6a12a864c8f3d4c19398_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Users\Admin\AppData\Local\Temp\A802.tmp
      "C:\Users\Admin\AppData\Local\Temp\A802.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-14_18b5fad2b2cc6a12a864c8f3d4c19398_mafia.exe 8014FF70E216DFC1879BD937D1D09B9BE28F12144A1580089D7E7D0E897386C1770CB9FD07A378B2E43CAE8E2A299C8E6E663A6FF936EC08AFBED09EAB9351FC
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2172

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\A802.tmp
          Filesize

          479KB

          MD5

          c2234bab297584696ceddb4f085a8510

          SHA1

          fedd7b4b6a3b57ab072604f8f838cd4df4745142

          SHA256

          45649e74c32d9098eb64ea42676f9b357f5edd406366ebe662a809c5cfbdfae9

          SHA512

          398e7c23e7b5aa6e9ccb546684b57189e5d6f373ce7f95e745d40c03a6c4466b3198f4bafa6bf0ae63d8fb0c9db6a51c7924fd95a3f99a7d81e211e9c82d7e01

          Download Submit