Overview

overview

7

Static

static

3

5e6742b995...JC.exe

windows7-x64

7

5e6742b995...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/08/2023, 16:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5e6742b9958941f1c41ba7be7d3f338b_mafia_JC.exe

  • Size

    412KB

  • MD5

    5e6742b9958941f1c41ba7be7d3f338b

  • SHA1

    c22e78fd998197323ab5385c5b3931a1f560ede9

  • SHA256

    8dfc15f0e9d17a4fad8793624e71988c1c3af3f709db2e30b2788112dcf0530b

  • SHA512

    1eaffeaf43b98b39f50e5bbf1fa497dd00a11f06cc78d912ec7d3b55346a70b390b35b5b5db013b9fca6fc8d2fc93ac06930c933e04fd3fc2279856d2eee7daf

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnCRZX9oeyAUKQwm3g2Py8rKdp+slKHR6rwP:U6PCrIc9kph5kTNoeHj268rKf+0I

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5e6742b9958941f1c41ba7be7d3f338b_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\5e6742b9958941f1c41ba7be7d3f338b_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4344
    • C:\Users\Admin\AppData\Local\Temp\9470.tmp
      "C:\Users\Admin\AppData\Local\Temp\9470.tmp" --pingC:\Users\Admin\AppData\Local\Temp\5e6742b9958941f1c41ba7be7d3f338b_mafia_JC.exe 322254901D0220ABADD82F6D403FC5CA8AB760C5375551A8110890D788284CCB5A0ACB739C82C44F881155B06471F374254ED0E0B1E92EAB87FE867B25E2EA1C
      2⤵
      • Executes dropped EXE
      PID:748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\9470.tmp
    Filesize

    412KB

    MD5

    bbf6ba1b7b490e1755f584ad8c4c1358

    SHA1

    b7f41c8f83956f0637956a2a20eb0bb4985ef372

    SHA256

    4c56d554e93fee1d7e9fa07afec4b3e5f232ec6ec9415a26059cc36d293e3145

    SHA512

    2a5abd0cb56c27232c0beba6ea537dd885d7fdcb96e5233e048902b4cd634d8341c4f084ce1bc9e537a4326b698edcaf4388445ea004bf7fdab3f6f2be6ac438

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\9470.tmp
    Filesize

    412KB

    MD5

    bbf6ba1b7b490e1755f584ad8c4c1358

    SHA1

    b7f41c8f83956f0637956a2a20eb0bb4985ef372

    SHA256

    4c56d554e93fee1d7e9fa07afec4b3e5f232ec6ec9415a26059cc36d293e3145

    SHA512

    2a5abd0cb56c27232c0beba6ea537dd885d7fdcb96e5233e048902b4cd634d8341c4f084ce1bc9e537a4326b698edcaf4388445ea004bf7fdab3f6f2be6ac438

    Download Submit