Overview

overview

7

Static

static

3

275137a215...JC.exe

windows7-x64

7

275137a215...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-08-2023 14:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    275137a215f685d6668c41ce305eb226_mafia_JC.exe

  • Size

    428KB

  • MD5

    275137a215f685d6668c41ce305eb226

  • SHA1

    29e69501169253b010847616033ceb37de3f6274

  • SHA256

    e392b7b4b993ad7b1fd9948537a52e7dc62ed2bbe2eb581e0d5c0bb9e50d9f41

  • SHA512

    12d096052cecb092a54ca3e201da137488ca1f48deadfdd1636c6be98116a9dfdb4e96b035c0f04db9c5c114fecd6941fd2f174f886967c68774f3705e96a72d

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mFpmf2jUAiWvTWgUb/ZFp0G5dJv51sugzqHR:gZLolhNVyE2maUAiWvF4mUrfsuGqHR

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\275137a215f685d6668c41ce305eb226_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\275137a215f685d6668c41ce305eb226_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:672
    • C:\Users\Admin\AppData\Local\Temp\8A10.tmp
      "C:\Users\Admin\AppData\Local\Temp\8A10.tmp" --pingC:\Users\Admin\AppData\Local\Temp\275137a215f685d6668c41ce305eb226_mafia_JC.exe 8750615C4DF7372153D2CA2F2389214A85983E3FFE924E51C4C79D73EF5349112AE72C72DB28D55FE05A18DD376FB43BAE26D9A75E50F1ED164504965E2653E6
      2⤵
      • Executes dropped EXE
      PID:1484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\8A10.tmp
    Filesize

    428KB

    MD5

    a7cfd3a5d52a4e20f8cc705b59b361b4

    SHA1

    23f052b237c01ef9103cb3e26ef67f05091e6436

    SHA256

    fda765460c2f06420986c2fd241927a837750dbd5e6eeb9f2150867325095438

    SHA512

    d44b148e9ab9cff1b061c574093cd3c53b625bdb742d8da0152b6f900d6c25041d29d098f51bcf264d071b9b6bd21da5d656a42b1387c8244592adbd51f12545

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\8A10.tmp
    Filesize

    428KB

    MD5

    a7cfd3a5d52a4e20f8cc705b59b361b4

    SHA1

    23f052b237c01ef9103cb3e26ef67f05091e6436

    SHA256

    fda765460c2f06420986c2fd241927a837750dbd5e6eeb9f2150867325095438

    SHA512

    d44b148e9ab9cff1b061c574093cd3c53b625bdb742d8da0152b6f900d6c25041d29d098f51bcf264d071b9b6bd21da5d656a42b1387c8244592adbd51f12545

    Download Submit