Overview

overview

7

Static

static

3

2024-04-17...ia.exe

windows7-x64

7

2024-04-17...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    17-04-2024 05:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-17_1bcbc00bf6ae1670dc0715109d5dc4af_mafia.exe

  • Size

    468KB

  • MD5

    1bcbc00bf6ae1670dc0715109d5dc4af

  • SHA1

    f9cccf0b443f8128293d5fb881b6ccac255a8c7c

  • SHA256

    b560dc0c93d0b96c4039af3fdbde6b300dc81528cf8e01ba37fd6e0daf1cfcd6

  • SHA512

    2d3b8f14a424df2780916a798f4efd1fb15aa5b1a503cd6eac269f7feeb0b07ed088610114d8a7d43779f13c8b8aecf0aba8d491ee5f287fb913f1ecf9be28c1

  • SSDEEP

    12288:qO4rfItL8HGvfVl0b0Yzrht5x5bs/vU04YpcPlhbG2XH7bWmeEVGL:qO4rQtGGHVSzH5xlSM9YolhbG23umeEk

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-17_1bcbc00bf6ae1670dc0715109d5dc4af_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-17_1bcbc00bf6ae1670dc0715109d5dc4af_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:3012
    • C:\Users\Admin\AppData\Local\Temp\68D1.tmp
      "C:\Users\Admin\AppData\Local\Temp\68D1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-17_1bcbc00bf6ae1670dc0715109d5dc4af_mafia.exe 08BC5A08EE6C0BEC140BF3EDCB485DDA9234E9F2173541BA497AD737F81666119B8F2A822645A61EB0EB0C26705F0CE309F4D2D943F2F77D1E0AF42AC219EE40
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2696

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\68D1.tmp
    Filesize

    468KB

    MD5

    ae54fd2fedbc630387aed6012dae336a

    SHA1

    728ebd1f32196b50f4e9fb881d4c648077e37b23

    SHA256

    f1b5514173b67bcfa890d9617fdbd900ae4c7a44fc47a94063ce1bd82ef1280f

    SHA512

    3e0a0ed9051d49f53c4f1da19790c86acd90a12b8d510899696607d0e168ac9ceaf199d9a620de62586fe414e694f623473325a718dc0febb22245b4a07cb287

    Download Submit