Overview

overview

7

Static

static

3

3107d090fb...JC.exe

windows7-x64

7

3107d090fb...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-08-2023 15:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3107d090fb01e31d0227a7b5c8a4eec0_mafia_JC.exe

  • Size

    384KB

  • MD5

    3107d090fb01e31d0227a7b5c8a4eec0

  • SHA1

    7a8f0fe6af88a9cce78b6bc8aec83663b619dfc0

  • SHA256

    4e92ad5f7cbd0492b8486577f13192537b25fabe36915613b4533730657acf27

  • SHA512

    f431d333461cd4e3efdfba7336bbb0d5f1aeaefd4f926cccf6d9002c41da597111a569511b9b44443ddd01f7bb996d4ce51cf94674a2690b0cc8416aebea45db

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hHHvYhIZP+OEydtf9qfsOvemIllZXZ:Zm48gODxbzNvY62GtOsOmlZXZ

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3107d090fb01e31d0227a7b5c8a4eec0_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\3107d090fb01e31d0227a7b5c8a4eec0_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3272
    • C:\Users\Admin\AppData\Local\Temp\83A7.tmp
      "C:\Users\Admin\AppData\Local\Temp\83A7.tmp" --pingC:\Users\Admin\AppData\Local\Temp\3107d090fb01e31d0227a7b5c8a4eec0_mafia_JC.exe ACF13887CA2B1F3EA67DEC12C9591D869BEED6306389264C02A584408342574DE4848CCB74637DDC4D502B0F3DF146F2B9644DC7C944D1527BEDB468FC70227B
      2⤵
      • Executes dropped EXE
      PID:2012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\83A7.tmp
    Filesize

    384KB

    MD5

    9f749dc3da546aaa390f03dd10891ac3

    SHA1

    4b9dbc4bea774c142f328f31c202dbcd7da8bd40

    SHA256

    476955c12b3bfbacbe7d40a2eabee00f1ac943203b6248c624c01a4231c8e0f3

    SHA512

    2932ff492602d527f1ce360a01985d973bef8b5d7e32d1d7c7e8f52f5f8effb481e062d0f755e26a7ed22aebb03082ee6c3eacadee3e82f37858b968a18c8724

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\83A7.tmp
    Filesize

    384KB

    MD5

    9f749dc3da546aaa390f03dd10891ac3

    SHA1

    4b9dbc4bea774c142f328f31c202dbcd7da8bd40

    SHA256

    476955c12b3bfbacbe7d40a2eabee00f1ac943203b6248c624c01a4231c8e0f3

    SHA512

    2932ff492602d527f1ce360a01985d973bef8b5d7e32d1d7c7e8f52f5f8effb481e062d0f755e26a7ed22aebb03082ee6c3eacadee3e82f37858b968a18c8724

    Download Submit