Analysis

  • max time kernel
    150s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240319-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240319-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    27/03/2024, 14:39

General

  • Target

    2024-03-27_a37edef60f65ff39b4938b0978be8415_mafia.exe

  • Size

    473KB

  • MD5

    a37edef60f65ff39b4938b0978be8415

  • SHA1

    6ea5b0e853ee33fb7674a2e0195363d5fb57e0bb

  • SHA256

    0e66aa93f7587d0c01639b6d5595585abead04785c8a000b61e55a8d78beb6ba

  • SHA512

    41554c2352e35556260d5b370bf41231c208c0b85e53586edcd6a8956787d236dcfaca824029e29cfef5dadd1487a84a639d196e6b921cdfd78cd78d3958870d

  • SSDEEP

    12288:Nb4bZudi79LT7DDNzHO4lPaSnc1l2g928njWV9WXf2VUA0a:Nb4bcdkLJoMgQ8KV9W4

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-27_a37edef60f65ff39b4938b0978be8415_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-27_a37edef60f65ff39b4938b0978be8415_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2408
    • C:\Users\Admin\AppData\Local\Temp\7AED.tmp
      "C:\Users\Admin\AppData\Local\Temp\7AED.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-27_a37edef60f65ff39b4938b0978be8415_mafia.exe B7DE87429E2DD2F2D0C5AE9B9DCA81B08E4065CD33C6EA37FD94F1ECF4D67272CA2BEB8FBDB159C3F21319868AE09BEA63480AE9F4D8765C6658CEDB643D3BF9
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3576
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4088 --field-trial-handle=2232,i,3915538061666887171,15629965885515244134,262144 --variations-seed-version /prefetch:8
    1⤵
    PID:2292

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7AED.tmp

    Filesize

    473KB

    MD5

    912c37a8f31d232f41cb65f726a34eae

    SHA1

    7d42eba20b824c33ae5c86b33ef829fab9ff05ad

    SHA256

    289742d413ba567592164896d82b43bce1c7f09d6de6cfc66fcda314f389e118

    SHA512

    1792a47feff25c4d0c7d9e3203a67b2f79d2f1f80a3fa38e88b0fa23466427bedd7a0bd640104aa37c552879f6d6a1e8df29e503292e56a1b7fb6d93ef4b812e