Overview

overview

7

Static

static

3

7a809b6697...JC.exe

windows7-x64

7

7a809b6697...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    138s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/08/2023, 17:06

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7a809b669740d80dcd1c7ebdb46c3f5c_mafia_JC.exe

  • Size

    526KB

  • MD5

    7a809b669740d80dcd1c7ebdb46c3f5c

  • SHA1

    9f9f1b9e2f9341b1f2feba6c57dd4436fd617c6a

  • SHA256

    4fcd0e40314fd1283462b805d380963b613103bfa1786a025ecafb55a2c3ec34

  • SHA512

    b5d73b1019eb766470e577d59f7ef91c9ee4e13e7d5041e5c7fe60c0534235a0d8a653dc932479dcdb7860e0f68b00dc9d2919d1fc33c8d55ec84793b3345d59

  • SSDEEP

    12288:z6PCrIc9kph5lDvO0jN0LZGti1Ky4sEZT2Uz:z6QIcOh5l10LItCKyMl

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7a809b669740d80dcd1c7ebdb46c3f5c_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\7a809b669740d80dcd1c7ebdb46c3f5c_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3436
    • C:\Users\Admin\AppData\Local\Temp\A652.tmp
      "C:\Users\Admin\AppData\Local\Temp\A652.tmp" --pingC:\Users\Admin\AppData\Local\Temp\7a809b669740d80dcd1c7ebdb46c3f5c_mafia_JC.exe 42C90F5F0C4503CD9F6A1106DA82812DF61FFEE6BCE88094FD38F6287082CED9B7A371750BC4D3A40AEB3CD4B44DACB9337644578F0AC2C0A0E8F0DE055B31FC
      2⤵
      • Executes dropped EXE
      PID:5024

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\A652.tmp
          Filesize

          526KB

          MD5

          20898adeefb1724126111222139c16cb

          SHA1

          a301c4265baaed073375dbce99262fe4865aea87

          SHA256

          a72ddf22e8248324331e1571a6dc585a9118b3f96a321e9c3767bfa20ae75fc4

          SHA512

          c34b6213a56fd2aeb05d9eb2beadf9818c96f7a1b9620bc5fe52f492f11177dbda5ad91ade69207e59e4cf48c21eb5e1adbd22f76c10bf64119a5df25c3fc361

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\A652.tmp
          Filesize

          526KB

          MD5

          20898adeefb1724126111222139c16cb

          SHA1

          a301c4265baaed073375dbce99262fe4865aea87

          SHA256

          a72ddf22e8248324331e1571a6dc585a9118b3f96a321e9c3767bfa20ae75fc4

          SHA512

          c34b6213a56fd2aeb05d9eb2beadf9818c96f7a1b9620bc5fe52f492f11177dbda5ad91ade69207e59e4cf48c21eb5e1adbd22f76c10bf64119a5df25c3fc361

          Download Submit