Overview

overview

7

Static

static

3

2024-04-08...ia.exe

windows7-x64

7

2024-04-08...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    09/04/2024, 15:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-08_1ccbb76ba54b8015532a756d90596a76_mafia.exe

  • Size

    384KB

  • MD5

    1ccbb76ba54b8015532a756d90596a76

  • SHA1

    b2890cc9674b5e97efcfda919b6c9901ba589559

  • SHA256

    783c633a0b2d6f6bfaa62032cdc81539c3788f94d06762a2c982afdaf1b140f3

  • SHA512

    5ce51ee7f2d0392e2a373d0af9fded249834a0c2efe3c7cf8622449cf8be587765c926063d2434beb673d5fcb681dae85cfc0abaee8e311f05bb5724d9e4b375

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hHH5aIg47mkyCt5mM71tfsUlGjVzBwZ:Zm48gODxbzLvypCbL71tEUlHZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-08_1ccbb76ba54b8015532a756d90596a76_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-08_1ccbb76ba54b8015532a756d90596a76_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2364
    • C:\Users\Admin\AppData\Local\Temp\760.tmp
      "C:\Users\Admin\AppData\Local\Temp\760.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-08_1ccbb76ba54b8015532a756d90596a76_mafia.exe 02232BE6435073564C9B913CE0FAF672C8F1CB6B058111120C5C4F44F6B129EBDC21CDD26E265E9E175DF44E479B5180C67BFB71E80EE8D86C98DB4A64B347FD
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1296

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\760.tmp
          Filesize

          384KB

          MD5

          99e4aa388a7eb740c1bc969c216ec1f4

          SHA1

          dab5dd9ad791ea6177de732d2c75ad9aec82d417

          SHA256

          e00498e661a87ec55f8e0a35e6081392b8ff517488657b14f90628c4b2e1fc0b

          SHA512

          3e5f2d0f45d400381faf93c515c20de5a4467a8af5b713a61420c88d93cee89b6c201a0d5ae46e397a460c6974c22b4038cc11daa5c883cc0d2a4d4087f9b309

          Download Submit