Overview

overview

7

Static

static

3

2024-03-18...ia.exe

windows7-x64

7

2024-03-18...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    18/03/2024, 21:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-18_aed37bb2af4acf8546c536bc45f6c98a_mafia.exe

  • Size

    476KB

  • MD5

    aed37bb2af4acf8546c536bc45f6c98a

  • SHA1

    953889f383ff1f13f7a2fe4d1f222a5bf50ed4f5

  • SHA256

    fc7a6f707ba7dbeecd8bca691dfb3d512e368ab3450f16294d20254e83bfbaa1

  • SHA512

    1e044bac9b984edb23ee87d287d15e0945270e3569f74919c1149097d9848cd53672a99087a5c7385c7968fe27fe8ea0b966cdfa9b88ddd853529b37bff49b42

  • SSDEEP

    12288:aO4rfItL8HRbbJWI4gOeTUtML6vhln2aL7K9wlsDpVFd:aO4rQtGRxWjgOnMqlV+9wlsDpVFd

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-18_aed37bb2af4acf8546c536bc45f6c98a_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-18_aed37bb2af4acf8546c536bc45f6c98a_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2936
    • C:\Users\Admin\AppData\Local\Temp\1786.tmp
      "C:\Users\Admin\AppData\Local\Temp\1786.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-18_aed37bb2af4acf8546c536bc45f6c98a_mafia.exe FB7373ACA540A7F1B0FDF7CF4E5492100C0EABC94F371FDD0E1C003AF1F94225D26CEAEA62AA1DCBE560E5F9F68AE5C427C24A9AB98E07D9E726A74CE3AC441F
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2620

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\1786.tmp
          Filesize

          476KB

          MD5

          ae1391445512adb3a11967a109693a9f

          SHA1

          247eb93850328d01c6c658f1241b159dbe72d823

          SHA256

          812a011e7acc2a3c89ad54ca23aa5a4c8ec99543274efdfacef6d9c1e85c14f5

          SHA512

          e38058dfb52bf0db145298cc723166cc7446a75004c60958a0995aa22156f1df202c9471d0191173e2b20feeac1f61e056dc6384f2bb52075b43cc2c28d75cff

          Download Submit