Overview

overview

7

Static

static

3

2023-08-26...JC.exe

windows7-x64

7

2023-08-26...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    147s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/09/2023, 11:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2023-08-26_2ac28aef06f84965a0437bebdea6093d_mafia_JC.exe

  • Size

    412KB

  • MD5

    2ac28aef06f84965a0437bebdea6093d

  • SHA1

    fc9d6fb5a7f69bfd9fd30ac25fdb466eeb327835

  • SHA256

    19ba8364cc7982b7baebf2b4fca1bc311e1a4f6fbb00502f5f720366be4d4d43

  • SHA512

    8a67b55843f31e53a0638815eb9dfc8a5792c17da034cae7bf005e4d08ccf4936d60339d81f48a2ce83fcb2c3c452c636bdf2af50e4d39052413cd7373d40f71

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnI9B7S1jEuT7LENe9ZwshXBHAxP:U6PCrIc9kph54QT7Ak9VgR

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023-08-26_2ac28aef06f84965a0437bebdea6093d_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2023-08-26_2ac28aef06f84965a0437bebdea6093d_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3708
    • C:\Users\Admin\AppData\Local\Temp\7995.tmp
      "C:\Users\Admin\AppData\Local\Temp\7995.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2023-08-26_2ac28aef06f84965a0437bebdea6093d_mafia_JC.exe 1A6B8E2BAE2FB493C626F02B008DDD517518F1EA850BACD1073260080BF6EEDF07290C1476FD9654EA70B8755C9860820B2377C9F06C446CA679FF34052E6B92
      2⤵
      • Executes dropped EXE
      PID:2792

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7995.tmp
    Filesize

    412KB

    MD5

    9fa6a203a8f1ecc84b2628a3859165f1

    SHA1

    42c598e1fcf965cd0ef0a84c066196d024e986b9

    SHA256

    f7738d34c5d912861ff3cb82b4e90cc65444624e796b8285dfffd1a18d67b274

    SHA512

    9185bb5336d7c99620614a511ca4813a06d777c6971a1ac5cad68973e8546642bc17cf1ea7b5710aba72b26ddb27c2a13132443e2332fe493e9ade9f9c2519ff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\7995.tmp
    Filesize

    412KB

    MD5

    9fa6a203a8f1ecc84b2628a3859165f1

    SHA1

    42c598e1fcf965cd0ef0a84c066196d024e986b9

    SHA256

    f7738d34c5d912861ff3cb82b4e90cc65444624e796b8285dfffd1a18d67b274

    SHA512

    9185bb5336d7c99620614a511ca4813a06d777c6971a1ac5cad68973e8546642bc17cf1ea7b5710aba72b26ddb27c2a13132443e2332fe493e9ade9f9c2519ff

    Download Submit