Overview

overview

7

Static

static

3

6f9a7e67c3...JC.exe

windows7-x64

7

6f9a7e67c3...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/08/2023, 12:57

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    6f9a7e67c3e9a6f0162cdae7afc99215_mafia_JC.exe

  • Size

    411KB

  • MD5

    6f9a7e67c3e9a6f0162cdae7afc99215

  • SHA1

    70ed3c9a4cbb09ba6f650152d8a3977960a9565c

  • SHA256

    b01f612f6a24ac48c53eb943e4487fe48dc4f5dfcf92eba631fe17944db1029f

  • SHA512

    10d607309229fa47ebc1e014ae634a6dc3d99831a7fc698bc5a2424c661aa50d029464deb1bcdee318120cf3f6ec2202639d545cce694ce336b4fc5cbf33829c

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mF1VRuxu0ePMXZum9YxLqucjUwqHI:gZLolhNVyEZeMXcqYgh7qHI

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6f9a7e67c3e9a6f0162cdae7afc99215_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\6f9a7e67c3e9a6f0162cdae7afc99215_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3576
    • C:\Users\Admin\AppData\Local\Temp\7BD7.tmp
      "C:\Users\Admin\AppData\Local\Temp\7BD7.tmp" --pingC:\Users\Admin\AppData\Local\Temp\6f9a7e67c3e9a6f0162cdae7afc99215_mafia_JC.exe 3DC69118DB3DDDEAA818232B9C9CD246E3F797B46EB70104F2258ED6A8F4DF76C920ECE49CE2CC157F30DBA917AEA9C60C260548D326962501C6CBCB0B750BAA
      2⤵
      • Executes dropped EXE
      PID:2788

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\7BD7.tmp
          Filesize

          411KB

          MD5

          28d7b4dbf227245e4faba89f2f9e4292

          SHA1

          39532a343eec4d9eb22142ea136303179ddce357

          SHA256

          0ecc5db3e4eacfb10b2873de9ef011bf357e38a6d248995799dc9ad6bb5540b2

          SHA512

          9452883d50989d33509a7844c7c2148aca620e66431bcef9ca882be942d8aac4b31dd00635711c00deeee83089dbac2e884e4a5468e7390c523bef945515d3ad

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\7BD7.tmp
          Filesize

          411KB

          MD5

          28d7b4dbf227245e4faba89f2f9e4292

          SHA1

          39532a343eec4d9eb22142ea136303179ddce357

          SHA256

          0ecc5db3e4eacfb10b2873de9ef011bf357e38a6d248995799dc9ad6bb5540b2

          SHA512

          9452883d50989d33509a7844c7c2148aca620e66431bcef9ca882be942d8aac4b31dd00635711c00deeee83089dbac2e884e4a5468e7390c523bef945515d3ad

          Download Submit