Overview

overview

4

Static

static

1

2024-04-29...ia.exe

windows7-x64

4

2024-04-29...ia.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    29/04/2024, 06:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-29_92ff0dd39c8057d0876a7f429fbe14be_mafia.exe

  • Size

    3.6MB

  • MD5

    92ff0dd39c8057d0876a7f429fbe14be

  • SHA1

    e1d71398c83bacea280d3df9b36fdb6e7d77e192

  • SHA256

    c99c1deb044a7b263e150caa00900123acbbf0899659bc547e20914dea8c6845

  • SHA512

    3dda9db158a1add9433d924f9a84f9e0c3e3999904c4ceef9358999a377c40daed60522cf52adb8f99eb4dc99260d4d06ca97cd65f1f15eb7fa89128b6d922f8

  • SSDEEP

    98304:sL0+czJQ2bWrRRG8RqWUyI7+/MwLP5bv95OW28k:rJQ2qs+VP5bviW28k

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 3 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-29_92ff0dd39c8057d0876a7f429fbe14be_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-29_92ff0dd39c8057d0876a7f429fbe14be_mafia.exe"
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2088

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8Q1DZR\base[1].css
    Filesize

    11KB

    MD5

    d37496ae9a9d95879f741d396e74a0fa

    SHA1

    ec974b7484b77ee3b595dd6032c4c2660c7e837e

    SHA256

    f4adf71187194014b089f653da37551eec78e2c03796cd8c0b846ec8e6f7abcb

    SHA512

    c2b70de7ef6aac2975ec5f5941f0eb9d3b98fc4cb8d67cc3fe369579071a39078eabb8181014f66f55c4315a5089d86e3f043b989511f3b2afad1f6743257f07

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UA1HZF3D\reset[1].css
    Filesize

    1KB

    MD5

    dad2101fb7d18af0657d940cfdcc5aff

    SHA1

    f480faadb272eb41e9b86b498d4d5cd95795c072

    SHA256

    942f5cdfe2cb07917241ebb6c440a97c44901e8733b6abbc1ea5a62ede227026

    SHA512

    ef964a1a7cbcf2883175066df49e20f76f8d8b75720c3377f5f69a2761dc8105942d7494d65a911fc2df66eeb0689bcec692e6872afa62ad9876eb4dd2b904da

    Download Submit