Overview

overview

7

Static

static

3

2024-04-05...ia.exe

windows7-x64

7

2024-04-05...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    05/04/2024, 16:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-05_61ddbb91859693cdb9dd0da2b16bbfff_mafia.exe

  • Size

    433KB

  • MD5

    61ddbb91859693cdb9dd0da2b16bbfff

  • SHA1

    441da94635742094c06c88ffc9dbfb2b7a552bbc

  • SHA256

    866461909cf7aadf94c14c57a783e29e4db978de401fa9f3c6df1555e9304d7f

  • SHA512

    0b8681ed2c842f18e47121828aecc92c0a10492559c650694643d2556f2afb039c2c18c974f2914eca9cd4e5ac86e44d2ae65967200e1ad33e374d9307332aa4

  • SSDEEP

    12288:Ci4g+yU+0pAiv+BptZzkNhD0RyvcpQo7mkn:Ci4gXn0pD+BpXOAxKk

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-05_61ddbb91859693cdb9dd0da2b16bbfff_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-05_61ddbb91859693cdb9dd0da2b16bbfff_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2992
    • C:\Users\Admin\AppData\Local\Temp\252D.tmp
      "C:\Users\Admin\AppData\Local\Temp\252D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-05_61ddbb91859693cdb9dd0da2b16bbfff_mafia.exe C96F0E1BA2916451D28DAEEC95CDDA8F3100D66EDF2D7C7C99403CBCA6560795E379334B10BBBD0CDC1AD1B3DBA553454B38573A020EDC24D4D60DE221EE18F5
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:820

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\252D.tmp
          Filesize

          433KB

          MD5

          c8ece662ef47a86c2ce777451c0bdd12

          SHA1

          bf480dbf8ed9edb27bb9050e2f7428810eacb4f6

          SHA256

          e5aa2607df1041c89be0aeda87bf93442f67468b3d12e36bde3cb2a402e8811f

          SHA512

          7241e43686df75cf74fe9dbf50ac4dc129c68544648fe822f11015494c0ea3b714391ef33bf052dfc3f47201d4f1eb1b9fec46e09681175ec8d0d92f3bcf5988

          Download Submit