Overview

overview

7

Static

static

3

9afa95e2fa9ad0_JC.exe

windows7-x64

7

9afa95e2fa9ad0_JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    17/07/2023, 17:09

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    9afa95e2fa9ad0_JC.exe

  • Size

    428KB

  • MD5

    9afa95e2fa9ad078ec9858d5277ce182

  • SHA1

    ba94038280eb75e8e4d757c701ebfc263d605b30

  • SHA256

    8edc031d846a8362b068bfa60d01045fde671f9830165caceb0f95f179e64ece

  • SHA512

    4190c24d05fe2180f1242a623d98da9c8b8b83af3b431dbf033e0af736f965543585dcd3318484eb0b8c85edf58f5da8d26facfe3fb5fc4f69e894f7c7bcb850

  • SSDEEP

    12288:Z594+AcL4tBekiuKzErNqdqDuMbTLxGNh08Xl:BL4tBekiuVrNqds3eh08X

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9afa95e2fa9ad0_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\9afa95e2fa9ad0_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2532
    • C:\Users\Admin\AppData\Local\Temp\7D0C.tmp
      "C:\Users\Admin\AppData\Local\Temp\7D0C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\9afa95e2fa9ad0_JC.exe 13F38C0BE5F39127EA56554B47FF8E2C1A2980FAE0147803551D466D8DD4F1E6C301B33A02FA8426730490C0EB888A983F20914EF390762DBA8C9C7B150E6699
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1296

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\7D0C.tmp
          Filesize

          428KB

          MD5

          749f5ec19c31571c898442e563cf684e

          SHA1

          613b9e3dab7a6463d7ca084e2c072a5fe4bb954a

          SHA256

          e6d830ef28f50ee412e55f27254d56dcad8731a481c78c19087be1d10d8fc464

          SHA512

          83913128e9f64cbcdda208524c0ee9137278e646d53aeefd4c739638df8ddf9b8a7221c607c6d98fa0669b86774f4ea46c598218529bf2ad4e8b39ff5e6edb20

          Download Submit

        • \Users\Admin\AppData\Local\Temp\7D0C.tmp
          Filesize

          428KB

          MD5

          749f5ec19c31571c898442e563cf684e

          SHA1

          613b9e3dab7a6463d7ca084e2c072a5fe4bb954a

          SHA256

          e6d830ef28f50ee412e55f27254d56dcad8731a481c78c19087be1d10d8fc464

          SHA512

          83913128e9f64cbcdda208524c0ee9137278e646d53aeefd4c739638df8ddf9b8a7221c607c6d98fa0669b86774f4ea46c598218529bf2ad4e8b39ff5e6edb20

          Download Submit