Overview

overview

7

Static

static

3

NEAS.2023-...JC.exe

windows7-x64

7

NEAS.2023-...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    23/10/2023, 20:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.2023-09-09_01d69bc1c81ac9582507c654c973df2d_mafia_JC.exe

  • Size

    535KB

  • MD5

    01d69bc1c81ac9582507c654c973df2d

  • SHA1

    cd98b16f926c5f1033a4150e0b0240e165518d1b

  • SHA256

    c1a9a491c2ee16ec05f282666c049d2d0f9f1f993ec0412331a641317d941cc6

  • SHA512

    36f3a37eb411de13cc16ec39c27188e2d74a0e7546fb06c3fbc0fd4cc3be3a2df80d2e39ebda1c63ff52b6fe9c3d1c3e2336167ca5574e433aea734f3c3ad463

  • SSDEEP

    12288:si4g+yU+0pAiv+qcDGuuwY11M7SNfFiDe0r4xUlvjosTdcG93Dn:si4gXn0pD+q+GJwoaEqe0rDlvjRhFJ

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-09_01d69bc1c81ac9582507c654c973df2d_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-09_01d69bc1c81ac9582507c654c973df2d_mafia_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2956
    • C:\Users\Admin\AppData\Local\Temp\6CD7.tmp
      "C:\Users\Admin\AppData\Local\Temp\6CD7.tmp" --helpC:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-09_01d69bc1c81ac9582507c654c973df2d_mafia_JC.exe B997E37AF573754E85C1B755E47E326D07D083B564E3FA0697C7FB8B3DD76B245EC73BCA0168D1ADD15D0DF9B86F992BB3FE37EC1F4D9EED900B1F2C5CC4887A
      2⤵
      • Executes dropped EXE
      PID:2052

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\6CD7.tmp
          Filesize

          535KB

          MD5

          56b43e9a2051aaa7b82dba135e236cd8

          SHA1

          c24ecd6ff0b66cebe599e4ff5bbab21494969ed2

          SHA256

          0466ac90c0540645ddbf8a33646bd8cce570f1ac7bcc91d46e94d3948a3ff8f2

          SHA512

          2f95ad65b338ee883c45f71b92f30afea5fbb7c5b698477f91581a461d2a6b8cf2c345a27a4475edb359ede5b09b58286067d7fae1857d27ac3a0a0269673b00

          Download Submit

        • \Users\Admin\AppData\Local\Temp\6CD7.tmp
          Filesize

          535KB

          MD5

          56b43e9a2051aaa7b82dba135e236cd8

          SHA1

          c24ecd6ff0b66cebe599e4ff5bbab21494969ed2

          SHA256

          0466ac90c0540645ddbf8a33646bd8cce570f1ac7bcc91d46e94d3948a3ff8f2

          SHA512

          2f95ad65b338ee883c45f71b92f30afea5fbb7c5b698477f91581a461d2a6b8cf2c345a27a4475edb359ede5b09b58286067d7fae1857d27ac3a0a0269673b00

          Download Submit