Overview

overview

7

Static

static

3

5e6742b995...JC.exe

windows7-x64

7

5e6742b995...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    04/08/2023, 16:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5e6742b9958941f1c41ba7be7d3f338b_mafia_JC.exe

  • Size

    412KB

  • MD5

    5e6742b9958941f1c41ba7be7d3f338b

  • SHA1

    c22e78fd998197323ab5385c5b3931a1f560ede9

  • SHA256

    8dfc15f0e9d17a4fad8793624e71988c1c3af3f709db2e30b2788112dcf0530b

  • SHA512

    1eaffeaf43b98b39f50e5bbf1fa497dd00a11f06cc78d912ec7d3b55346a70b390b35b5b5db013b9fca6fc8d2fc93ac06930c933e04fd3fc2279856d2eee7daf

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnCRZX9oeyAUKQwm3g2Py8rKdp+slKHR6rwP:U6PCrIc9kph5kTNoeHj268rKf+0I

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5e6742b9958941f1c41ba7be7d3f338b_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\5e6742b9958941f1c41ba7be7d3f338b_mafia_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1980
    • C:\Users\Admin\AppData\Local\Temp\7E25.tmp
      "C:\Users\Admin\AppData\Local\Temp\7E25.tmp" --pingC:\Users\Admin\AppData\Local\Temp\5e6742b9958941f1c41ba7be7d3f338b_mafia_JC.exe CED23F81CFB60ABB0425538E310F8A090B8DE1F86C2ACBA8C4CD542958EDDA25917C31D2C52753D819BBF4EDC429FDD2CC25218C1D881912718651E3E2DBEB1E
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1312

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7E25.tmp
    Filesize

    412KB

    MD5

    d070ed5194b029444dd102f0cfaafb4b

    SHA1

    a6a47617992e0c7882a428cfa60ecd1d7a49195b

    SHA256

    1f4f770cc18b3b61d9af0cd48e28a766674dd65837ba38d810d21b2914b102e0

    SHA512

    8cb374a0787123cbbae8965d7050024241ae3cfb155270c806cc3e46eb502d71ad74e76c83c4b70589773482343d0e19cd7a08f9edd3eae0c0909e17182db3da

    Download Submit

  • \Users\Admin\AppData\Local\Temp\7E25.tmp
    Filesize

    412KB

    MD5

    d070ed5194b029444dd102f0cfaafb4b

    SHA1

    a6a47617992e0c7882a428cfa60ecd1d7a49195b

    SHA256

    1f4f770cc18b3b61d9af0cd48e28a766674dd65837ba38d810d21b2914b102e0

    SHA512

    8cb374a0787123cbbae8965d7050024241ae3cfb155270c806cc3e46eb502d71ad74e76c83c4b70589773482343d0e19cd7a08f9edd3eae0c0909e17182db3da

    Download Submit