Overview

overview

7

Static

static

3

58553d6b7a...JC.exe

windows7-x64

7

58553d6b7a...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    04/08/2023, 14:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    58553d6b7a01aec887bd5fa89f2f8e18_mafia_JC.exe

  • Size

    414KB

  • MD5

    58553d6b7a01aec887bd5fa89f2f8e18

  • SHA1

    55948114a267f8c99db41299a21c8f8b33158f6d

  • SHA256

    6f83fbf494ad6a09f1e277a6eb40a778ebc4ca2eaa5f38de5683014decf62729

  • SHA512

    4f0859e812a0a468f85990e7c04c9b91569ceb839d9d72b649b8c1335c9600d860248f32b944e812a5af9248542d333d921aa9d22ed7b3b22374a40bd8e71a20

  • SSDEEP

    6144:Wucyz4obQmKkWb6ekie+ogU6BYlwc8bcHJUDwzTbM0u/AAwsvEJe9Ul:Wq4w/ekieZgU6onPu/jjs4Wl

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\58553d6b7a01aec887bd5fa89f2f8e18_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\58553d6b7a01aec887bd5fa89f2f8e18_mafia_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2212
    • C:\Users\Admin\AppData\Local\Temp\BFF5.tmp
      "C:\Users\Admin\AppData\Local\Temp\BFF5.tmp" --helpC:\Users\Admin\AppData\Local\Temp\58553d6b7a01aec887bd5fa89f2f8e18_mafia_JC.exe A4C5085947F7D574D0601779A50F491827B681F836C3905792802BB4BCF626E3C3FF491536CB6C08A668F5516336C6101EA5F0272C3CD69D6DFFD68EAEE09DA4
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1056

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\BFF5.tmp
    Filesize

    414KB

    MD5

    6b8fb93122c8924c023105110de880bf

    SHA1

    a9f264230f3dbe602d54d7becf82ff85a8b396df

    SHA256

    1f1f6ed08a1e52093a44e94427a0acd26a647d92898fab6153b3fc7474f15195

    SHA512

    e742b2192afd4f4bb1c8c09320e4a9fc4b2b7fcfb43381493db5f6a8439a891a497994486a72189831447d7846f769c305dac37574e2b2155bbe4c59f2255117

    Download Submit

  • \Users\Admin\AppData\Local\Temp\BFF5.tmp
    Filesize

    414KB

    MD5

    6b8fb93122c8924c023105110de880bf

    SHA1

    a9f264230f3dbe602d54d7becf82ff85a8b396df

    SHA256

    1f1f6ed08a1e52093a44e94427a0acd26a647d92898fab6153b3fc7474f15195

    SHA512

    e742b2192afd4f4bb1c8c09320e4a9fc4b2b7fcfb43381493db5f6a8439a891a497994486a72189831447d7846f769c305dac37574e2b2155bbe4c59f2255117

    Download Submit