Overview

overview

3

Static

static

3

2023-08-26...JC.exe

windows7-x64

3

2023-08-26...JC.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    23/09/2023, 13:01

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2023-08-26_36c879046504f9e342e4d9c6e823f461_mafia_JC.exe

  • Size

    2.1MB

  • MD5

    36c879046504f9e342e4d9c6e823f461

  • SHA1

    251662defa2171ac4b2bb572785e94710323d197

  • SHA256

    1a8c216f793eda490ac1d41634fcc5fa02fc1d5774f59c7b89b2d88c9b989d40

  • SHA512

    4fecfbdb27f99cb185958c6bfa007c4455b2e380880e703563c478c663f65f3f62e0351918064b107e5b723b2b33ab92ada2ffa15552f2942910b94b080142b2

  • SSDEEP

    49152:Hyno1CD0ErFpUQGeKD+JoEnykAP+MC589u3mxRbxJKhwnV9yjn0uH1RFpt3DhcEx:SDQErFpUQGWJBykc+Nmu3mxRbxJKeojT

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023-08-26_36c879046504f9e342e4d9c6e823f461_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2023-08-26_36c879046504f9e342e4d9c6e823f461_mafia_JC.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2408

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\MeetingRoomInfo.ini
          Filesize

          6KB

          MD5

          ae4735bd96e923b3bddb43694aea51b4

          SHA1

          c9b98071c7619065e90cc8fae2fb2daef5a83347

          SHA256

          bf81fb7e7f5fdc44defb121aa3c5b6fad782f1abc505f954bbf5effdc07a135e

          SHA512

          e40e69e35b1c245a5baf4873d3106a3231718cef3754a8586cc46811de51a3d3c4d185d4685e1519b3d6cdb3e4f9b5556aaf9778c26169db4b814e7502af7efa

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MeetingRoomInfo.ini
          Filesize

          4KB

          MD5

          b898f630d22cb5249bf04bd224da4582

          SHA1

          20103c5965866a69244ff5565f539aa810ef66f2

          SHA256

          8796d4d6604f6450755d338fb6eb9dc86200ccaa856e47f95ec634bf2bd7fa20

          SHA512

          0a7218515ef3d33582a7b2ff20cc11f7434567bf4bfb1383dc55e1d540d0e359d2784b7f7e294ba37c239836064312c31b903e1247e0cfad58c4bd7dc56c3392

          Download Submit