Overview

overview

7

Static

static

3

9b0d21db02...JC.exe

windows7-x64

7

9b0d21db02...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/08/2023, 16:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9b0d21db027e924a545a9f79b3b73df2_mafia_JC.exe

  • Size

    411KB

  • MD5

    9b0d21db027e924a545a9f79b3b73df2

  • SHA1

    739e9c922249ab82ddd0e2e34304672f0bf40790

  • SHA256

    fd82f1d94bcc884e61cbb2f10f4f04a6d7f702a6ac97016342630cc3699737ea

  • SHA512

    6210862b0abaa8b91b52f467cdee758e0a7f282cc91521892eb29e6cfcb8267728788ac6bc5914974276b690dfa6ed2a51c3faaceae61ac92ba888134274d2ed

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mFGEC/uiPv2XS6kYc36mF0NY60nFjqHI:gZLolhNVyEnr/uiH2Xvzbm6NY6+5qHI

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9b0d21db027e924a545a9f79b3b73df2_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\9b0d21db027e924a545a9f79b3b73df2_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5100
    • C:\Users\Admin\AppData\Local\Temp\88D7.tmp
      "C:\Users\Admin\AppData\Local\Temp\88D7.tmp" --pingC:\Users\Admin\AppData\Local\Temp\9b0d21db027e924a545a9f79b3b73df2_mafia_JC.exe E577D44D03F8B301241DDECBAC480D1AC52131C6B46347C6A89636310EBEAEC4A16AFA747B75EAD3BB6971464309B51E9E164E8442A4D4D1AD114DF315C1AFB9
      2⤵
      • Executes dropped EXE
      PID:3912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\88D7.tmp
    Filesize

    411KB

    MD5

    8d4bc5bc90b87b78279846f341f0214d

    SHA1

    576933fdd9c0d90a8a1ebebc8a50085bc3d40be1

    SHA256

    586a892af82f8e0a012567c49a230718700212c319f204e317a71ff79f63cb60

    SHA512

    8b3b8f7431e431417e088b2657f83af69865bcb4f3e730f424df2afc9b67d1199b7a1489aa0ecdf48c5765b382b5148f377bbc45d75b5bc29c674f995b313666

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\88D7.tmp
    Filesize

    411KB

    MD5

    8d4bc5bc90b87b78279846f341f0214d

    SHA1

    576933fdd9c0d90a8a1ebebc8a50085bc3d40be1

    SHA256

    586a892af82f8e0a012567c49a230718700212c319f204e317a71ff79f63cb60

    SHA512

    8b3b8f7431e431417e088b2657f83af69865bcb4f3e730f424df2afc9b67d1199b7a1489aa0ecdf48c5765b382b5148f377bbc45d75b5bc29c674f995b313666

    Download Submit