Overview

overview

7

Static

static

3

789663544c...JC.exe

windows7-x64

7

789663544c...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/08/2023, 16:38

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    789663544c0dd101137d5a96977cb23b_mafia_JC.exe

  • Size

    444KB

  • MD5

    789663544c0dd101137d5a96977cb23b

  • SHA1

    ec60185f73543854ab8796679285ebbdb6b266a3

  • SHA256

    2d7eb07e4b2bd611d108a3bd45b4c5137afee51453a7d747f4aadb2a2c69bb19

  • SHA512

    f9dd260ecfdbf18a52be4a6a40597ee81a459684afac4d5bc3e42f172941daae35b9011cba2d65426513ec5efe3d7453eb0a1b2ae38114f9216d8ffb5ed9ce00

  • SSDEEP

    6144:fFrJxvldL4c5ONK1xgWbd1s79+iStahx0gsXr8RaKOJoGAr91UW9+kLkAa3vSF+N:Nb4bZudi79LJsO3XUW9Da3KEpmccA

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\789663544c0dd101137d5a96977cb23b_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\789663544c0dd101137d5a96977cb23b_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1288
    • C:\Users\Admin\AppData\Local\Temp\83C6.tmp
      "C:\Users\Admin\AppData\Local\Temp\83C6.tmp" --helpC:\Users\Admin\AppData\Local\Temp\789663544c0dd101137d5a96977cb23b_mafia_JC.exe 582D25D3BA6636566E3AFAD16147BC5E8AD591705174EB13B4F6C16F0055C3C7EFBE7E81CE1B06D676439A95D27EF4E0EB11B098E962A12FC696076471486F1E
      2⤵
      • Executes dropped EXE
      PID:2264

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\83C6.tmp
          Filesize

          444KB

          MD5

          b4d20ff08538d87af007885b9e040469

          SHA1

          42f33b45829589933cc9eb6a6d0a9333e5e99e37

          SHA256

          42d2ef33b4bc00a8926296b654cb6bd496188d4d7c35cf2020ce2e6f1597e7c9

          SHA512

          7adabe4550ed2cc01f7722f943aeacc0552a6ffc106bdd75d3db27689e38824d6d465d8c696a2629f03b7116e50e61db1083f4e100c147c7492097a7af54e05c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\83C6.tmp
          Filesize

          444KB

          MD5

          b4d20ff08538d87af007885b9e040469

          SHA1

          42f33b45829589933cc9eb6a6d0a9333e5e99e37

          SHA256

          42d2ef33b4bc00a8926296b654cb6bd496188d4d7c35cf2020ce2e6f1597e7c9

          SHA512

          7adabe4550ed2cc01f7722f943aeacc0552a6ffc106bdd75d3db27689e38824d6d465d8c696a2629f03b7116e50e61db1083f4e100c147c7492097a7af54e05c

          Download Submit