Overview

overview

7

Static

static

3

2024-04-23...ia.exe

windows7-x64

7

2024-04-23...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    138s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/04/2024, 20:44

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-23_157da63bef94355cbc24d50fe051f8e7_mafia.exe

  • Size

    412KB

  • MD5

    157da63bef94355cbc24d50fe051f8e7

  • SHA1

    95e3b3e0c1ed408b9f42ba544348f15da99ffa69

  • SHA256

    86dfe64bbb46e0d0be701dcf501dbf771401618d636e1dc995385a4e29f9e041

  • SHA512

    8cbc60e048acb953981950fa1da2f4b2f0791d0fe8d7ca4b986247d9d45924f1f2b4688ca82586b15a5c262618d081ab2b839004822d76781641cb6bb302747f

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZn+tVKWE659L5TUEzBlr2BirkbxRNWQK2h1x24Io:U6PCrIc9kph5YW0x1AcrkNR1x24I3fw

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-23_157da63bef94355cbc24d50fe051f8e7_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-23_157da63bef94355cbc24d50fe051f8e7_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3716
    • C:\Users\Admin\AppData\Local\Temp\2D78.tmp
      "C:\Users\Admin\AppData\Local\Temp\2D78.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2024-04-23_157da63bef94355cbc24d50fe051f8e7_mafia.exe 14A2A53F5F4580CCDED8ECA13D82259DE0B71C5222E8EC7724C5889E571A1AE98A61FAF32B11483B03F6692A14C502A3C5369097EFD496A2D6C49891439D1A8E
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4640

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\2D78.tmp
          Filesize

          412KB

          MD5

          f8c904defd00a4e03f7bf9abea15b364

          SHA1

          94499756e8e3e0a454f27660d988e907c78c39ac

          SHA256

          37418da6f9c198943a3435d75f0e9dfe27801ae87fe55575440f39652e756444

          SHA512

          d554fe67d5cdd71315d664600b532bc1f5fa9e1a4426bdec70c8e63c5ec17ef2f92a03ebe90e2e591366241a5a8c1136260ff0a4f0486b693fa09645e2effc9a

          Download Submit