Overview

overview

7

Static

static

3

2024-03-28...ia.exe

windows7-x64

7

2024-03-28...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    28-03-2024 14:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-28_19be3103558166db1bd2b25729fa1fc2_mafia.exe

  • Size

    435KB

  • MD5

    19be3103558166db1bd2b25729fa1fc2

  • SHA1

    ecd73c2a55139c86cbd7a1cfc6229895764c4e67

  • SHA256

    d9ec823fcf59b7aeb8f178f34ed225ea756a0a7771e545721e5dbd95ef3b241d

  • SHA512

    ad20f9c4c7e20c8fc67ea8c22005d37dab54cae69df555dc9904d5c1c56fc473e59299e28d546ede422d7c1615cac17b5d33c3b5d5291ce6af21c2c39f5edb07

  • SSDEEP

    6144:98Xyq4o4aRCTuuqepiq+zQ1mBYy1898jJqXJcIjwmL4k5tzRyh/M1UQJK:9W4ufepiqKQ1mF+9OicIjwE5byhuVJ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-28_19be3103558166db1bd2b25729fa1fc2_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-28_19be3103558166db1bd2b25729fa1fc2_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Users\Admin\AppData\Local\Temp\208B.tmp
      "C:\Users\Admin\AppData\Local\Temp\208B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-28_19be3103558166db1bd2b25729fa1fc2_mafia.exe 04C90D0114A5B6CC5DA25B374B98DA9CBB2CD08B1F2BFFC240FEE80F85D69332B51D4F7D6A1F6D850FE7F824583C00F2F6FC715800FBD66639D7884FB8E00FCD
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\208B.tmp
    Filesize

    435KB

    MD5

    bdce6723568ebf56d0f3db1cde2aa806

    SHA1

    dfcae90d1eac758a25c5af8a8326db7a431ce41e

    SHA256

    075492446ea5eb64a0a5b559f2bbdc2fc3e8a9753113f4b3eca702b1ec5b4a68

    SHA512

    131622efde62dad83b588f82eaae4caa508b63cfc4c8840c9f3c06ef8df630d4ffa5dc6bf0587a9efdb55987881d2ff8bdde07ccff98585dbadeb8ec57d91e82

    Download Submit