Overview

overview

7

Static

static

3

2023-08-26...JC.exe

windows7-x64

7

2023-08-26...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    138s
  • max time network
    136s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-10-2023 21:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2023-08-26_f6d67a95ba885012fc3718700addc6da_mafia_JC.exe

  • Size

    473KB

  • MD5

    f6d67a95ba885012fc3718700addc6da

  • SHA1

    d60ddaf71510410bda1dc1d7f7814ffc97bb2a9a

  • SHA256

    951891b6d4dd3e2ff6f1a9dd65d35f047de4205e689593de4a9eab3bcd56c12c

  • SHA512

    125599573bf8f8c621e3f733fa57cc41a7ae36ea99abf104d1cf3ba3b589f586216d8d6624ec9bdbd3c71c0b87fe7e3e4f0634a7d4532a579e5e7c01b91e3e04

  • SSDEEP

    12288:Nb4bZudi79LA8yZpSDyCpO6zcyC69PA0a:Nb4bcdkL9yZKwvH

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023-08-26_f6d67a95ba885012fc3718700addc6da_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2023-08-26_f6d67a95ba885012fc3718700addc6da_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4756
    • C:\Users\Admin\AppData\Local\Temp\B4F8.tmp
      "C:\Users\Admin\AppData\Local\Temp\B4F8.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2023-08-26_f6d67a95ba885012fc3718700addc6da_mafia_JC.exe 1E9DE900D400838E925AA66D15476C41AACEE08DACD7C9026376DB217ACD7F89F890C80C3FAD4B2E6EBBE74E90168AB366CE9EB7E8DC41DC2A0A212FB15BD3BB
      2⤵
      • Executes dropped EXE
      PID:4968

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\B4F8.tmp
    Filesize

    473KB

    MD5

    cc19c20f18eddc5e80c1382b759dc7b6

    SHA1

    399e1b63a87e0de31851b6de15ab79e8cdb27f57

    SHA256

    77fe6dcc368ad8e18869d626b0e5fa43899d92dcbb790cb16f7805e2a1c0cc23

    SHA512

    37b5b754a210836e0ff3685defaf6a0c82212ad2cc1ec90f3130a8f322431d9be7cb7a8b1e262455dfd5b955e72490dc446dac94239e3da3488e2481eac670fd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\B4F8.tmp
    Filesize

    473KB

    MD5

    cc19c20f18eddc5e80c1382b759dc7b6

    SHA1

    399e1b63a87e0de31851b6de15ab79e8cdb27f57

    SHA256

    77fe6dcc368ad8e18869d626b0e5fa43899d92dcbb790cb16f7805e2a1c0cc23

    SHA512

    37b5b754a210836e0ff3685defaf6a0c82212ad2cc1ec90f3130a8f322431d9be7cb7a8b1e262455dfd5b955e72490dc446dac94239e3da3488e2481eac670fd

    Download Submit