Overview

overview

7

Static

static

3

NEAS.2023-...JC.exe

windows7-x64

7

NEAS.2023-...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    134s
  • max time network
    179s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-10-2023 20:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.2023-09-07_2765b7e57f8d25e436f1431312274f22_mafia_JC.exe

  • Size

    433KB

  • MD5

    2765b7e57f8d25e436f1431312274f22

  • SHA1

    7167640506d72f2b7a6a428abd2fde186baa65d3

  • SHA256

    54981433f16cc8ec9c597bc1e0d2be9be2b308b4d39263eb784150ec5e7872eb

  • SHA512

    ece908eed4fec087e770e242f9c311b748601f756847bf571f80d26d2c2b9d55023f6f9ff7b5b5303fc7947d0717c81f4bd52b5db3c2b813ab685074f6603769

  • SSDEEP

    12288:Ci4g+yU+0pAiv+rL7BmD0/6XBhd86/MjjnR3yyZj/kFn:Ci4gXn0pD+kDvXDM4yNg

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-07_2765b7e57f8d25e436f1431312274f22_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-07_2765b7e57f8d25e436f1431312274f22_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4072
    • C:\Users\Admin\AppData\Local\Temp\3BBC.tmp
      "C:\Users\Admin\AppData\Local\Temp\3BBC.tmp" --helpC:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-07_2765b7e57f8d25e436f1431312274f22_mafia_JC.exe EFB993800ADDD289FC394F8C9F66AAFCD31384CBE3C85945142A9AD8C7C2A4D6D41F8483028AFC0EF684B3D862A17FE4BDB68667B070591DE747B0A4B2490DE3
      2⤵
      • Executes dropped EXE
      PID:3164

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\3BBC.tmp
    Filesize

    433KB

    MD5

    dbfd797bd618c8d71e9edf2a3ff09ead

    SHA1

    21e4d83f137dcd2750b0a0d579a12377581e49df

    SHA256

    5bacc81e71dce7849a7072333d3b01d65c2dc706d8b4c1926afc8ee76431a15d

    SHA512

    00ba57d3ef9f1b92250b4d6f9ae1c500d56115860eecb24f70a84e6f24b5af6ef53782dd7427c41aaea5b3c20e7fc477f93402dac35d5da47c1dbda96b0230d1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\3BBC.tmp
    Filesize

    433KB

    MD5

    dbfd797bd618c8d71e9edf2a3ff09ead

    SHA1

    21e4d83f137dcd2750b0a0d579a12377581e49df

    SHA256

    5bacc81e71dce7849a7072333d3b01d65c2dc706d8b4c1926afc8ee76431a15d

    SHA512

    00ba57d3ef9f1b92250b4d6f9ae1c500d56115860eecb24f70a84e6f24b5af6ef53782dd7427c41aaea5b3c20e7fc477f93402dac35d5da47c1dbda96b0230d1

    Download Submit