Overview

overview

7

Static

static

3

86153c708e...JC.exe

windows7-x64

7

86153c708e...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2023, 17:29

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    86153c708e27e261acf9b78ae741388e_mafia_JC.exe

  • Size

    384KB

  • MD5

    86153c708e27e261acf9b78ae741388e

  • SHA1

    31e704717f2b5c47cca358032bb3c654036ea179

  • SHA256

    d438f833cdd1f5237ae6b41ab664f7dc418b9eed788a6a45eae640c661e73e07

  • SHA512

    a892061f3f7be2f5409ae29d0b22ac63157fb633ea53d5da0fba6769fcb94d28ff55eb283fa2320d470a3bf7c5ba323b3208aabec8e7051ec77844192fc870ba

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hHRTJ6VX/x4clT/UyqE1XiyWTG1GkRUYgSlkZ:Zm48gODxbz/TJ617h/U4fM5guZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\86153c708e27e261acf9b78ae741388e_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\86153c708e27e261acf9b78ae741388e_mafia_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1548
    • C:\Users\Admin\AppData\Local\Temp\7BB5.tmp
      "C:\Users\Admin\AppData\Local\Temp\7BB5.tmp" --pingC:\Users\Admin\AppData\Local\Temp\86153c708e27e261acf9b78ae741388e_mafia_JC.exe E0080CBA84785E3E3DA30758A8332DCF281A266ED683D8DA40C3B8AAD5A1D7C63EC4E86FA8A8470EFBE5B4F60A0B1BEB47BB8F77CF29B803A40E0797BD410A85
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2188

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\7BB5.tmp
          Filesize

          384KB

          MD5

          e78cb7e450b59fa55233b8c27c44955c

          SHA1

          6d93b44dc314ef4474b8670e88b9e9fa6294fbe4

          SHA256

          c0f1d962ed91b3fa2d255e7c11d3f23bfb62414104e9717ebfd66ee86cf72eb7

          SHA512

          f3c05bcb2bdc9b96525829fa19e13b0dbba4f999f603d41fc73059e486638bba2239368263328023f1896e0eb8c49c41ddcdc1a3fa6f0f29e4b9402dcc3ed69a

          Download Submit

        • \Users\Admin\AppData\Local\Temp\7BB5.tmp
          Filesize

          384KB

          MD5

          e78cb7e450b59fa55233b8c27c44955c

          SHA1

          6d93b44dc314ef4474b8670e88b9e9fa6294fbe4

          SHA256

          c0f1d962ed91b3fa2d255e7c11d3f23bfb62414104e9717ebfd66ee86cf72eb7

          SHA512

          f3c05bcb2bdc9b96525829fa19e13b0dbba4f999f603d41fc73059e486638bba2239368263328023f1896e0eb8c49c41ddcdc1a3fa6f0f29e4b9402dcc3ed69a

          Download Submit