Overview

overview

7

Static

static

3

3f4245f729...JC.exe

windows7-x64

7

3f4245f729...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    19/08/2023, 12:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3f4245f72959b7d174c0d24cd284b055_mafia_JC.exe

  • Size

    384KB

  • MD5

    3f4245f72959b7d174c0d24cd284b055

  • SHA1

    dbe4ccf881530039ade9752bf31f62246c826510

  • SHA256

    4c27c141ad27d852f26c9c82f151f50c9339655a437611c9bb2c2623663e6e3e

  • SHA512

    1cdda9a41e1470eca9831d3ca3eaa8487e511a9cd10df4a04fbde309d18b0e286479944798339a04579ef6cb31ab44e8ac2b736ad4e2b96427b0bd3d57eb78fc

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hHfmJsRW7OGESuQ0XnnVe3iEFZ:Zm48gODxbzwJsRW78rTXnnIvZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3f4245f72959b7d174c0d24cd284b055_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\3f4245f72959b7d174c0d24cd284b055_mafia_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2512
    • C:\Users\Admin\AppData\Local\Temp\7272.tmp
      "C:\Users\Admin\AppData\Local\Temp\7272.tmp" --pingC:\Users\Admin\AppData\Local\Temp\3f4245f72959b7d174c0d24cd284b055_mafia_JC.exe B72A92B12D64839E96858137029B7FF289B066B9BE6E41C9C819478706E2B4ED03D476F643E47CFD8C5C2DFF2CF3D066A0A6990B916BD3AD64B2BDE2189AFFD7
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2324

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\7272.tmp
          Filesize

          384KB

          MD5

          3dc14e4f8beb2dbf3dc30c280f2e0223

          SHA1

          6edb3521f9d48ba3dd1a44ba82a1866cedaf7608

          SHA256

          f174e9afa178132a20a5d642da389ce8341a63c12309212df1a776f951ae3354

          SHA512

          a46ab1baaf2a50adb3e10e88f83d2eee9d95ccaa104246a40366cc7e35e620c7c61f16dddef73cb85951a2e83d625f043bee4a4c30d7ee58330ffefd0666a0a0

          Download Submit

        • \Users\Admin\AppData\Local\Temp\7272.tmp
          Filesize

          384KB

          MD5

          3dc14e4f8beb2dbf3dc30c280f2e0223

          SHA1

          6edb3521f9d48ba3dd1a44ba82a1866cedaf7608

          SHA256

          f174e9afa178132a20a5d642da389ce8341a63c12309212df1a776f951ae3354

          SHA512

          a46ab1baaf2a50adb3e10e88f83d2eee9d95ccaa104246a40366cc7e35e620c7c61f16dddef73cb85951a2e83d625f043bee4a4c30d7ee58330ffefd0666a0a0

          Download Submit