Overview

overview

7

Static

static

3

275137a215...JC.exe

windows7-x64

7

275137a215...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    01/08/2023, 14:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    275137a215f685d6668c41ce305eb226_mafia_JC.exe

  • Size

    428KB

  • MD5

    275137a215f685d6668c41ce305eb226

  • SHA1

    29e69501169253b010847616033ceb37de3f6274

  • SHA256

    e392b7b4b993ad7b1fd9948537a52e7dc62ed2bbe2eb581e0d5c0bb9e50d9f41

  • SHA512

    12d096052cecb092a54ca3e201da137488ca1f48deadfdd1636c6be98116a9dfdb4e96b035c0f04db9c5c114fecd6941fd2f174f886967c68774f3705e96a72d

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mFpmf2jUAiWvTWgUb/ZFp0G5dJv51sugzqHR:gZLolhNVyE2maUAiWvF4mUrfsuGqHR

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\275137a215f685d6668c41ce305eb226_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\275137a215f685d6668c41ce305eb226_mafia_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2508
    • C:\Users\Admin\AppData\Local\Temp\CE57.tmp
      "C:\Users\Admin\AppData\Local\Temp\CE57.tmp" --pingC:\Users\Admin\AppData\Local\Temp\275137a215f685d6668c41ce305eb226_mafia_JC.exe 621986C90F69566B81AE512BC9A16C953E33CA2942CAED1EDF9F3631B421D0CE8ED47D2CB3934A2593EB29B945E6B3E60008844A632CEF11F5C93A9CA80E3178
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2420

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\CE57.tmp
    Filesize

    428KB

    MD5

    72120affad9df683d90978ae1d99244e

    SHA1

    1c4eb8e69f82ec6b597fb93ddb0d70f9b9315a71

    SHA256

    3e5efbe1c07fefabbb8175de0d6aa570f6e1ffc4d98aea12804f95bb91909664

    SHA512

    a09bbefd5d34fc6507d9376c416c4e61ec92ccc98eebe721571b1b082663c208504fbbc2937730636a4b7791a069eec8d10a14d231b37a9b75bfc5e9f2d3b272

    Download Submit

  • \Users\Admin\AppData\Local\Temp\CE57.tmp
    Filesize

    428KB

    MD5

    72120affad9df683d90978ae1d99244e

    SHA1

    1c4eb8e69f82ec6b597fb93ddb0d70f9b9315a71

    SHA256

    3e5efbe1c07fefabbb8175de0d6aa570f6e1ffc4d98aea12804f95bb91909664

    SHA512

    a09bbefd5d34fc6507d9376c416c4e61ec92ccc98eebe721571b1b082663c208504fbbc2937730636a4b7791a069eec8d10a14d231b37a9b75bfc5e9f2d3b272

    Download Submit