Overview

overview

7

Static

static

3

2024-03-29...ia.exe

windows7-x64

7

2024-03-29...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    29/03/2024, 03:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-29_dcdfeea486983adaec8309d4e21f37ab_mafia.exe

  • Size

    435KB

  • MD5

    dcdfeea486983adaec8309d4e21f37ab

  • SHA1

    4d320d7348295d437a14fad2541e514a32bac36e

  • SHA256

    351c89b710fcd9142479d0a0381c4fda67b0db7c28abef0ab3a60792a0753071

  • SHA512

    c3995c4681b41c3b3f946d33c024cd3c5a3ac170436ceb31f889929ccc1e16ef52b16252f82b047ce0373af1c53e16ee1878989b93fe1bf6772c817708701f2d

  • SSDEEP

    12288:fd4x+ePixnXQj+O78koxdMzxQYJY2cp9x0HwP:fd4x+ePixAjGMC2Ux0H

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-29_dcdfeea486983adaec8309d4e21f37ab_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-29_dcdfeea486983adaec8309d4e21f37ab_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Users\Admin\AppData\Local\Temp\147A.tmp
      "C:\Users\Admin\AppData\Local\Temp\147A.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-29_dcdfeea486983adaec8309d4e21f37ab_mafia.exe C8DADC6CB61EBB16EF64371FCC0CCC2A53A0E48A07ABB2DCC4CFB2DD26A3C7313FC06020516F13EFB0BAA59666DE64D673E2E491A10A56ED908AD3C95CBFB43B
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:308

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\147A.tmp
          Filesize

          435KB

          MD5

          dd8394948a380e27308478558789a106

          SHA1

          4103d34d75cb895b210e023c9b250f5ff2b44829

          SHA256

          d2de6cdcc6a71d489192ddeb8785271fd8237094ac73089985ddd3a5675eadd1

          SHA512

          f6257dae4030bcfa38cf640cb19e763d7d7936cd1bc84b9bb220784975308eb5d73ad4320f5f6430dce105744a604178a9f7ae1d5d0ca309ede215b46b5c6feb

          Download Submit