Overview

overview

7

Static

static

3

2024-03-19...ia.exe

windows7-x64

7

2024-03-19...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    19/03/2024, 06:36

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-19_d3001a894191ebe0841b4014a3f1d66d_mafia.exe

  • Size

    428KB

  • MD5

    d3001a894191ebe0841b4014a3f1d66d

  • SHA1

    0aefaa3bf0e543350e6eed7ad12d626ba13dad1e

  • SHA256

    237f38bebdece5ab2261e0d597057b8311d8c7fc074ebf76fa437747e25aad2e

  • SHA512

    92568a12d11a05ffe76f453629687539d1b7608bdc18bb60d45a5b993d8cbbac343bd144cad9dbaa92509ac404f77020d58981dace90ad40c38c2f1ebcc5f2db

  • SSDEEP

    12288:Z594+AcL4tBekiuKzEr9dS4Kkooz957p99UxyCco805KoE3zl:BL4tBekiuVrogjVnD

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-19_d3001a894191ebe0841b4014a3f1d66d_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-19_d3001a894191ebe0841b4014a3f1d66d_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2868
    • C:\Users\Admin\AppData\Local\Temp\148A.tmp
      "C:\Users\Admin\AppData\Local\Temp\148A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-19_d3001a894191ebe0841b4014a3f1d66d_mafia.exe FB0C7369D4CDF6148CC51A8912CE0275FFFF270D2383538FB775EBA5666722696BAF52BEA8BD189D9CCFA7CAE26A100D768BFB1A47B954151C5C07F694577154
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2320

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\148A.tmp
          Filesize

          428KB

          MD5

          39cf7e9898c4f926d7fbe7dcb2346655

          SHA1

          6b196968a966074eda33104967383ecf2cc7f6fa

          SHA256

          157cef4c11a36a665e9f8bb8f77e1c7081f67e0bf83ac2eaf733d7c4d2059b89

          SHA512

          d2a742c7d0eba6971a05f24a05c946e3b9ac9385b563913d02f3eceb10e74d1936b19c7dc89e66130a73784f995c05fc4f704f8a40907ac363e0af3ee22207cc

          Download Submit