Overview

overview

7

Static

static

3

2023-08-27...JC.exe

windows7-x64

7

2023-08-27...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/10/2023, 17:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2023-08-27_391d5eba4e0bda49bfa7febd65df9fbf_mafia_JC.exe

  • Size

    444KB

  • MD5

    391d5eba4e0bda49bfa7febd65df9fbf

  • SHA1

    6222248c7c85e13e9a23f490f2ada778b565a271

  • SHA256

    7ae5c982c55fafde7d2d0984d0e940c0d4a7c21f791eca1f4fcc79c14c223da7

  • SHA512

    90136169aee1fc179d7a33541ee6e7635737f5b080243b4d00745086ddc4b4f78f607c246246122d06fe0ee867c1984566b5d1b96072cde8e1fc6d601c8d5500

  • SSDEEP

    12288:Nb4bZudi79LcJDaeZHqAFiNf/vTpMkN/A:Nb4bcdkLcFP/F+3vTpf

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023-08-27_391d5eba4e0bda49bfa7febd65df9fbf_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2023-08-27_391d5eba4e0bda49bfa7febd65df9fbf_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2992
    • C:\Users\Admin\AppData\Local\Temp\64E4.tmp
      "C:\Users\Admin\AppData\Local\Temp\64E4.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2023-08-27_391d5eba4e0bda49bfa7febd65df9fbf_mafia_JC.exe D7DE0DA84C4A32AD41ED573FC12C24F1793FD87533286CCD1967B9D4BB46DE03EEB0E2848E1F461073A7F0BA857CAB3D5B2B320B466561C1B56B508CB0C31C43
      2⤵
      • Executes dropped EXE
      PID:2028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\64E4.tmp
    Filesize

    444KB

    MD5

    e7ce5b9c24d148f3ad3ee467407757f5

    SHA1

    79f1e5e99c13e0e66bfd23d410beae9dbb121ff2

    SHA256

    8c8eca60959e8f4f6972c91cb219cd38dcb16ea72f151b04dc055276a6be3ab4

    SHA512

    f0fef6614619b16effb726dfc9778dd5f6abbadb095207665b0cdb429b9104c4cb0db222c04d058eb57e43c911075aa05847e5870e608886ec67b49d15010ff9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\64E4.tmp
    Filesize

    444KB

    MD5

    e7ce5b9c24d148f3ad3ee467407757f5

    SHA1

    79f1e5e99c13e0e66bfd23d410beae9dbb121ff2

    SHA256

    8c8eca60959e8f4f6972c91cb219cd38dcb16ea72f151b04dc055276a6be3ab4

    SHA512

    f0fef6614619b16effb726dfc9778dd5f6abbadb095207665b0cdb429b9104c4cb0db222c04d058eb57e43c911075aa05847e5870e608886ec67b49d15010ff9

    Download Submit