Overview

overview

7

Static

static

3

2024-04-30...ia.exe

windows7-x64

7

2024-04-30...ia.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    30/04/2024, 10:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-30_e69be84657a58364f99e15d192748afb_mafia.exe

  • Size

    486KB

  • MD5

    e69be84657a58364f99e15d192748afb

  • SHA1

    c9137bc655e85ea35e284d87a32dd74f878389e2

  • SHA256

    774ca64995ea7d69dab7f3bd1aa467619449cbaa6d502650689b4fc2a72f4305

  • SHA512

    7be5ed41f1380c628805a4e396b0a1dd677b8a19c2336d3ea08dc97ded99620ee6aa764de6b812f53ef812adbfd68c0842d615aef49ca6e0d6ba9ebb804a3228

  • SSDEEP

    12288:3O4rfItL8HPY/LRH0+4WgZyL4K/U7rKxUYXhW:3O4rQtGPAh0+sE4SU3KxUYXhW

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-30_e69be84657a58364f99e15d192748afb_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-30_e69be84657a58364f99e15d192748afb_mafia.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1084
    • C:\Users\Admin\AppData\Local\Temp\906D.tmp
      "C:\Users\Admin\AppData\Local\Temp\906D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-04-30_e69be84657a58364f99e15d192748afb_mafia.exe CEB059325E885EDF8B6C08D57AB82BBD94C695F8A68D129D818E90A543FCA569872668D65CB59356847B0E52E7934B55DB3C84349498002001960FE9C7465C53
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\906D.tmp
    Filesize

    486KB

    MD5

    a8c10f1b60e0c1e7e0f0ae34162a40ce

    SHA1

    29152a6407e4ead73657a721f18973dc1172c6f5

    SHA256

    4a6040185020fda7e782421a1595f45431586d635c110bf122ce115432476d23

    SHA512

    778f2e2201729f0bd537fb3c22ef701ab50bd793efb9079f22535ca7f29d276a26d349607aae556052246110c7d663085f607f62f3c8242aaa75680210e71177

    Download Submit