Overview

overview

7

Static

static

3

9b0d21db02...JC.exe

windows7-x64

7

9b0d21db02...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    08-08-2023 16:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9b0d21db027e924a545a9f79b3b73df2_mafia_JC.exe

  • Size

    411KB

  • MD5

    9b0d21db027e924a545a9f79b3b73df2

  • SHA1

    739e9c922249ab82ddd0e2e34304672f0bf40790

  • SHA256

    fd82f1d94bcc884e61cbb2f10f4f04a6d7f702a6ac97016342630cc3699737ea

  • SHA512

    6210862b0abaa8b91b52f467cdee758e0a7f282cc91521892eb29e6cfcb8267728788ac6bc5914974276b690dfa6ed2a51c3faaceae61ac92ba888134274d2ed

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mFGEC/uiPv2XS6kYc36mF0NY60nFjqHI:gZLolhNVyEnr/uiH2Xvzbm6NY6+5qHI

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9b0d21db027e924a545a9f79b3b73df2_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\9b0d21db027e924a545a9f79b3b73df2_mafia_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2468
    • C:\Users\Admin\AppData\Local\Temp\7A9C.tmp
      "C:\Users\Admin\AppData\Local\Temp\7A9C.tmp" --pingC:\Users\Admin\AppData\Local\Temp\9b0d21db027e924a545a9f79b3b73df2_mafia_JC.exe 4521DC4F58396949FAB8C942C629A968D90095041FC88DCBA05D7A9C6EF27BDC66F2151F9A6FF709B32AEB238EC8C13814115C52F5F9E03D6379A3C3D30E0708
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2064

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7A9C.tmp
    Filesize

    411KB

    MD5

    aa4fd1e44fde6e5df62300e48f1d7658

    SHA1

    5378c2c3a6b30eccd705df99ce47cfe78b93e8ee

    SHA256

    cd42f9c1c35cfbbb81358cb46bd9f14231e24ef2d7a9f8e8575138dfbc768a98

    SHA512

    79ac3dbfadf3a611a0a9b972452014a87dd6e5746fb9b46017e51be926817ab4a615ee3a5eec10ce2f18c4c1a6e054b247be209050a95e274ecadcfae158f42f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\7A9C.tmp
    Filesize

    411KB

    MD5

    aa4fd1e44fde6e5df62300e48f1d7658

    SHA1

    5378c2c3a6b30eccd705df99ce47cfe78b93e8ee

    SHA256

    cd42f9c1c35cfbbb81358cb46bd9f14231e24ef2d7a9f8e8575138dfbc768a98

    SHA512

    79ac3dbfadf3a611a0a9b972452014a87dd6e5746fb9b46017e51be926817ab4a615ee3a5eec10ce2f18c4c1a6e054b247be209050a95e274ecadcfae158f42f

    Download Submit