Overview

overview

7

Static

static

3

2024-03-19...ia.exe

windows7-x64

7

2024-03-19...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19/03/2024, 23:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-19_9785eff3ae6f522a03248f02700e0cfc_mafia.exe

  • Size

    384KB

  • MD5

    9785eff3ae6f522a03248f02700e0cfc

  • SHA1

    c36456cc6dbf5923e39cd13e050d52e35f306377

  • SHA256

    f6288a170ee0483f9d058eed8ed15f64ba9950fa1b7bcdbabb471033a2b73479

  • SHA512

    eedf58542f554b7540c0a09be678460d97afe646afb3e5dfa88f733dfb2b9ef8af00214efdc07565bc885ba40cc92cf35f0e0cb58d998e0e2af531a43f8706f0

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hH7U+HecLbSn+ZbsuMauhuPwDMypEsd3W96m9Z:Zm48gODxbzr7LW+PiMypE79t9Z

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-19_9785eff3ae6f522a03248f02700e0cfc_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-19_9785eff3ae6f522a03248f02700e0cfc_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Users\Admin\AppData\Local\Temp\2146.tmp
      "C:\Users\Admin\AppData\Local\Temp\2146.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-03-19_9785eff3ae6f522a03248f02700e0cfc_mafia.exe D3A38BCBFD2C4610A1A973899AB2171FB42DAF4C619FDE628929E2E0DBAAA83A576C40E5D231B215072D39D6AF8773BD3E867689024A8AA8A0DA66751A089AE9
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\2146.tmp
    Filesize

    89KB

    MD5

    a82346fd164856a9e990ca0a83221ffc

    SHA1

    0c066c7f3f958ffa36446ba6742915075ac24bd1

    SHA256

    9dcc995a91267bc2c47f37f4a199ac0628bb4d535bcdd87b143f755b9aad18c7

    SHA512

    45fcb064cda33fc4da8a5a1cf91fac2b86c3002941b5deb5e9b9f07ae6644189bf0ab7e9693d1bdc1a9e98f1117f63dbd55f7d83fac1449df38b71e1167566d9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\2146.tmp
    Filesize

    175KB

    MD5

    c1025c96f9667e7dc268b5c35ae841bb

    SHA1

    0642a89552580f8b261b713a168626ad1ff88a04

    SHA256

    2157739292b53d7cf67c9819c3dd058fc105fc54449f8c5627505dbcea45f0e8

    SHA512

    9b1b74dcd7def76a0f764e434833d305cac1c6b5c9f25351fa73015c15a2e4f8780e7739ecb914f23a5ad88107d96acc68904a3383098aa46278a40050f2727b

    Download Submit