Overview

overview

7

Static

static

3

2a27f93b7b...JC.exe

windows7-x64

7

2a27f93b7b...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-08-2023 14:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2a27f93b7b7a9e298e31a2c4ac174563_mafia_JC.exe

  • Size

    444KB

  • MD5

    2a27f93b7b7a9e298e31a2c4ac174563

  • SHA1

    c194ab08919cbfe3c3bf1fa9f1983a36c738efe7

  • SHA256

    4c0ac5212e3e4b9c1bc2aacc137744fb4a6f8eb3a85d6683687e8448b0501916

  • SHA512

    5f20038d534024ae7c1e85691367bcb8c93f88f60270ea9a50d7f0b5aea9498c166edc3dddd04133b244996e4179e478f20478d73cec219b89640928eaecc558

  • SSDEEP

    12288:Nb4bZudi79LfJtgg58NtCTQ1DwDUz5maXdXkeAA:Nb4bcdkLxJitCTQKDwCe

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2a27f93b7b7a9e298e31a2c4ac174563_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2a27f93b7b7a9e298e31a2c4ac174563_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4284
    • C:\Users\Admin\AppData\Local\Temp\86F3.tmp
      "C:\Users\Admin\AppData\Local\Temp\86F3.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2a27f93b7b7a9e298e31a2c4ac174563_mafia_JC.exe F505EFD61E0E7A05D89603B9A32E62FA1A3591E42F458C50BD9F9AEC5AC180FB9018D2CECBF05A90924168F04C9AC03CBD64A7C8C5F836BCE0B963F39E166302
      2⤵
      • Executes dropped EXE
      PID:3724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\86F3.tmp
    Filesize

    444KB

    MD5

    1610b35df36edd667af1e1ff04c54282

    SHA1

    e9f87168f41104db1ebbfb3c171052b7e4314ec5

    SHA256

    915adf64ac37b4be5dff4e4ed880154c10e2049c5576cc94235ee416764eea11

    SHA512

    6e10c8489077545da0ab3f7ad639cf7a1d05ecfaf267bca5a43cb111d20a51b6a8cbe6634d76a588393a3bea68347bf6b48e3a4b025139db86d658fd0bbbb024

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\86F3.tmp
    Filesize

    444KB

    MD5

    1610b35df36edd667af1e1ff04c54282

    SHA1

    e9f87168f41104db1ebbfb3c171052b7e4314ec5

    SHA256

    915adf64ac37b4be5dff4e4ed880154c10e2049c5576cc94235ee416764eea11

    SHA512

    6e10c8489077545da0ab3f7ad639cf7a1d05ecfaf267bca5a43cb111d20a51b6a8cbe6634d76a588393a3bea68347bf6b48e3a4b025139db86d658fd0bbbb024

    Download Submit