Overview

overview

7

Static

static

3

2023-08-26...JC.exe

windows7-x64

7

2023-08-26...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    144s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-09-2023 19:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2023-08-26_c979f2fa9522bb9cd97fad9fb762ac2e_mafia_JC.exe

  • Size

    473KB

  • MD5

    c979f2fa9522bb9cd97fad9fb762ac2e

  • SHA1

    0eedee89a0392be31de0b247c2725742bebbbeca

  • SHA256

    14b5666a292adf67d74a489bff41f8cbb7c95e6a02043b5220e9672771a28997

  • SHA512

    df19423b1c0360793acc7d1b9c8054fbec6bca4404a66f42b54ee71ab503fb94d950c2f7134fb8ffbf78b1f575407880d41faf6600f28d860cb17c1f0bc14be5

  • SSDEEP

    12288:Nb4bZudi79L+E+JmFk1dnFafyp5aFEoJCwA0a:Nb4bcdkLTVk17afy6/Cj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023-08-26_c979f2fa9522bb9cd97fad9fb762ac2e_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2023-08-26_c979f2fa9522bb9cd97fad9fb762ac2e_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2500
    • C:\Users\Admin\AppData\Local\Temp\5BEB.tmp
      "C:\Users\Admin\AppData\Local\Temp\5BEB.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2023-08-26_c979f2fa9522bb9cd97fad9fb762ac2e_mafia_JC.exe 38872B3D4A52B3EC93BB6EC3162E795EC5967C2CA9DF72E5BD9AC3F799391DBA2F7F3EF630C630A8FCCD5AC634CF457BCD2FB6BD0487AD62347E1381234F54E7
      2⤵
      • Executes dropped EXE
      PID:2728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\5BEB.tmp
    Filesize

    473KB

    MD5

    ad02772721ea49fb95b75f2fbe936a8b

    SHA1

    67bcf681fb0da96841f65b4f203bedde2b544a77

    SHA256

    a3b590ba79fde779ac5d48c848750b16a18d62d9ba615488c2bae00db47e0bf3

    SHA512

    cf01f036fa35e703cb109f2e96fe484c913398d1a8bdb2e21ba244b56abfb883228953b5a29467a5b79bb6572c6022b6304eca0c7f1322ae1936ebe934078264

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\5BEB.tmp
    Filesize

    473KB

    MD5

    ad02772721ea49fb95b75f2fbe936a8b

    SHA1

    67bcf681fb0da96841f65b4f203bedde2b544a77

    SHA256

    a3b590ba79fde779ac5d48c848750b16a18d62d9ba615488c2bae00db47e0bf3

    SHA512

    cf01f036fa35e703cb109f2e96fe484c913398d1a8bdb2e21ba244b56abfb883228953b5a29467a5b79bb6572c6022b6304eca0c7f1322ae1936ebe934078264

    Download Submit