Overview

overview

7

Static

static

3

2023-08-26...JC.exe

windows7-x64

7

2023-08-26...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/10/2023, 17:43

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2023-08-26_606f81e930b7080e1f88ec8f030eee7f_mafia_JC.exe

  • Size

    428KB

  • MD5

    606f81e930b7080e1f88ec8f030eee7f

  • SHA1

    e368c9d88f9ec8a5903733f9e77fd5c28d3e1bff

  • SHA256

    2cc6f7e91ae4d66d644c2ff3d2823b35ed9554a4d45903727257ff9d5052e6c8

  • SHA512

    6d7274e70e1458a6fe6d6a66d1634b42ec5d73211ae02e6a43b3e3b6272c83d2dce9518d348bd15bbb099fe27c779e05a99b4d38d28bd15445f0598b49e91081

  • SSDEEP

    12288:Z594+AcL4tBekiuKzErtF7jjcZ0CYFAeoH6KrdfLrj9QmAlNl:BL4tBekiuVrfHjc6viDH6Kx9RAlN

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023-08-26_606f81e930b7080e1f88ec8f030eee7f_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2023-08-26_606f81e930b7080e1f88ec8f030eee7f_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3252
    • C:\Users\Admin\AppData\Local\Temp\A99E.tmp
      "C:\Users\Admin\AppData\Local\Temp\A99E.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2023-08-26_606f81e930b7080e1f88ec8f030eee7f_mafia_JC.exe 2522450D91B6810259803C1579F19364728A5B9884F1BD23DD60328FA32998D867F6619A6730E8FDD0A4374521F155C9C64A8140F3294FD76C6B70500343B2A3
      2⤵
      • Executes dropped EXE
      PID:2336

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\A99E.tmp
          Filesize

          428KB

          MD5

          4a7c4621924fc29cc1387e5ce3b53042

          SHA1

          97b30afbc151a924b9b19783228dd139cfa21dde

          SHA256

          a90acec6259124f3d5d87aba2ffda2806c40e3b643f36f7afd5d1b8258874b34

          SHA512

          7dc02eaef1aeb44eb2d5259fe90b81621ff75bf59df50d4beccc12b7bc70392b80acb1bb2c3063476c6552cf740bcb62e0d81434f0843699e4d0a5f688ebe100

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\A99E.tmp
          Filesize

          428KB

          MD5

          4a7c4621924fc29cc1387e5ce3b53042

          SHA1

          97b30afbc151a924b9b19783228dd139cfa21dde

          SHA256

          a90acec6259124f3d5d87aba2ffda2806c40e3b643f36f7afd5d1b8258874b34

          SHA512

          7dc02eaef1aeb44eb2d5259fe90b81621ff75bf59df50d4beccc12b7bc70392b80acb1bb2c3063476c6552cf740bcb62e0d81434f0843699e4d0a5f688ebe100

          Download Submit