Overview

overview

7

Static

static

3

5b42fd7803...JC.exe

windows7-x64

7

5b42fd7803...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    139s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-08-2023 15:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5b42fd78036788cb8f30d72725fa0846_mafia_JC.exe

  • Size

    412KB

  • MD5

    5b42fd78036788cb8f30d72725fa0846

  • SHA1

    c6831759ac91550fd53a23d8e405e35e1d47c3c5

  • SHA256

    48271d4bdb92dc3197c1e6d12ed210576f29ceb1a4ed50513b86fafc564f9154

  • SHA512

    1709000bb87182306e37b2c1ddfc386c96219980a0f47a26a733cf5d5c05e6aa7752e65041378088bc2bbd7bc4c8f9f11af5733b9d5b12f9561ed4baf0a33de2

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZn8u72C7bLodzV76aIS6rUNqesjaf0/ur4BSSP:U6PCrIc9kph5j72ILodzQzxesufm44B

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5b42fd78036788cb8f30d72725fa0846_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\5b42fd78036788cb8f30d72725fa0846_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4068
    • C:\Users\Admin\AppData\Local\Temp\E975.tmp
      "C:\Users\Admin\AppData\Local\Temp\E975.tmp" --pingC:\Users\Admin\AppData\Local\Temp\5b42fd78036788cb8f30d72725fa0846_mafia_JC.exe 6F9ABEFA2533E0F519D3FB19BE0365111107143976B7C31877E9E33395243559280EDAEA4F3B403D4C0D17F564A82D31A8A08776C9945DA65693C8A4C51F35A2
      2⤵
      • Executes dropped EXE
      PID:4060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\E975.tmp
    Filesize

    412KB

    MD5

    3fa7097e952b811efefb85879141b6b8

    SHA1

    b6b3e8c6af605d8a33ba7a5f15afe6c0add0b4ca

    SHA256

    cbad8d6505cd90e838d46615db09eed78512f07515c9f71472ae041b5d53ef69

    SHA512

    63c5902c36b4a36b2ebcdd992d2b4fe568f5d06661988104248cdd22319fb0c1641d1f5629d9ad9add9d1d715a77ba7d14d828b9d6ccb57b425be10f6c107bb2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E975.tmp
    Filesize

    412KB

    MD5

    3fa7097e952b811efefb85879141b6b8

    SHA1

    b6b3e8c6af605d8a33ba7a5f15afe6c0add0b4ca

    SHA256

    cbad8d6505cd90e838d46615db09eed78512f07515c9f71472ae041b5d53ef69

    SHA512

    63c5902c36b4a36b2ebcdd992d2b4fe568f5d06661988104248cdd22319fb0c1641d1f5629d9ad9add9d1d715a77ba7d14d828b9d6ccb57b425be10f6c107bb2

    Download Submit