Overview

overview

7

Static

static

3

58553d6b7a...JC.exe

windows7-x64

7

58553d6b7a...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    91s
  • max time network
    129s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/08/2023, 14:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    58553d6b7a01aec887bd5fa89f2f8e18_mafia_JC.exe

  • Size

    414KB

  • MD5

    58553d6b7a01aec887bd5fa89f2f8e18

  • SHA1

    55948114a267f8c99db41299a21c8f8b33158f6d

  • SHA256

    6f83fbf494ad6a09f1e277a6eb40a778ebc4ca2eaa5f38de5683014decf62729

  • SHA512

    4f0859e812a0a468f85990e7c04c9b91569ceb839d9d72b649b8c1335c9600d860248f32b944e812a5af9248542d333d921aa9d22ed7b3b22374a40bd8e71a20

  • SSDEEP

    6144:Wucyz4obQmKkWb6ekie+ogU6BYlwc8bcHJUDwzTbM0u/AAwsvEJe9Ul:Wq4w/ekieZgU6onPu/jjs4Wl

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\58553d6b7a01aec887bd5fa89f2f8e18_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\58553d6b7a01aec887bd5fa89f2f8e18_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4568
    • C:\Users\Admin\AppData\Local\Temp\2B41.tmp
      "C:\Users\Admin\AppData\Local\Temp\2B41.tmp" --helpC:\Users\Admin\AppData\Local\Temp\58553d6b7a01aec887bd5fa89f2f8e18_mafia_JC.exe F147FDFB88CBE533304E3727BDD065F8F326D1E64677CAE8031173194947A18D6E216FFFE33F19190189D90B3043E74B016A83F2FC8D37A8B4A9279D76DED78C
      2⤵
      • Executes dropped EXE
      PID:1732

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\2B41.tmp
    Filesize

    414KB

    MD5

    b23e2f3765c59fb008b2c597aa1473c9

    SHA1

    dc55970a2f3b5a1d7ef9d0604dae31fecec094ec

    SHA256

    7bda2a4b9b3b9d6bb5962beab8606811ff39d6c00979af4b17200a118a6d4c00

    SHA512

    88fcfb819c6e4d4c46f1558890107524c252d0db47e077e65fc15ae1f22f44a01d718356576d6b31f51c0cf552009ae4c978f6f4045b2dbb512eac7402572cd5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\2B41.tmp
    Filesize

    414KB

    MD5

    b23e2f3765c59fb008b2c597aa1473c9

    SHA1

    dc55970a2f3b5a1d7ef9d0604dae31fecec094ec

    SHA256

    7bda2a4b9b3b9d6bb5962beab8606811ff39d6c00979af4b17200a118a6d4c00

    SHA512

    88fcfb819c6e4d4c46f1558890107524c252d0db47e077e65fc15ae1f22f44a01d718356576d6b31f51c0cf552009ae4c978f6f4045b2dbb512eac7402572cd5

    Download Submit