Overview

overview

7

Static

static

3

3f9d22aef4...JC.exe

windows7-x64

7

3f9d22aef4...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/08/2023, 13:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3f9d22aef4b9a4c256b644042b19d6f2_mafia_JC.exe

  • Size

    414KB

  • MD5

    3f9d22aef4b9a4c256b644042b19d6f2

  • SHA1

    164a5002f61b98db2e363474d89d4117d65fbbbc

  • SHA256

    d9b658b2c6288894d4add1a9bbe064441ab6de98c7f5a2824795ab9d2b73000a

  • SHA512

    f30536d044001796b13c41ad813ab25544f3a137f02c1ed1fc710e800a3405fc75331dc41596d553b2c7d5ce2c125a3daaa2b3cc643b88968ae96b458182e076

  • SSDEEP

    12288:Wq4w/ekieZgU6RIb3s52R1T1LpwGW3el:Wq4w/ekieH6Y3s5y1T1mGMe

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3f9d22aef4b9a4c256b644042b19d6f2_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\3f9d22aef4b9a4c256b644042b19d6f2_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4552
    • C:\Users\Admin\AppData\Local\Temp\B342.tmp
      "C:\Users\Admin\AppData\Local\Temp\B342.tmp" --helpC:\Users\Admin\AppData\Local\Temp\3f9d22aef4b9a4c256b644042b19d6f2_mafia_JC.exe 132CBEF22D726E27E4F0D8EDEDCCC21DCE7261F1A2EB3F3E055280CDB749B4F0631367E2CAE3E27D7BAA03ABC1FC3C7B7025E100ACC60B252689B0BFB4BD011C
      2⤵
      • Executes dropped EXE
      PID:4088

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\B342.tmp
    Filesize

    414KB

    MD5

    85bed15541c092b57ae189de66e162e0

    SHA1

    70eb90665a653e024eab18cdb13b9d806d888d23

    SHA256

    8f484755063753a1dc870a58e2c042a82a4ae79b18dc00c417db396fd054e9ba

    SHA512

    10c1f582e7e2293ad85cfaee6c70800a6a572be3418838f06f93ac80f6166a8982d4b71eed6f1e759eeba4a79cfe53c8f22203ae16a2cfc4e00c36252c09e2b4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\B342.tmp
    Filesize

    414KB

    MD5

    85bed15541c092b57ae189de66e162e0

    SHA1

    70eb90665a653e024eab18cdb13b9d806d888d23

    SHA256

    8f484755063753a1dc870a58e2c042a82a4ae79b18dc00c417db396fd054e9ba

    SHA512

    10c1f582e7e2293ad85cfaee6c70800a6a572be3418838f06f93ac80f6166a8982d4b71eed6f1e759eeba4a79cfe53c8f22203ae16a2cfc4e00c36252c09e2b4

    Download Submit