Overview

overview

7

Static

static

3

NEAS.2023-...JC.exe

windows7-x64

7

NEAS.2023-...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    23/10/2023, 20:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.2023-09-08_9316475d53397555f25ee43358547f4d_mafia_JC.exe

  • Size

    428KB

  • MD5

    9316475d53397555f25ee43358547f4d

  • SHA1

    a3f448d930b1b461dc9aff3b33928775938cdc6e

  • SHA256

    d3717024c588349db128b70c7707bd2f8b4461c32ba5db21de13f8b539587298

  • SHA512

    05583ac2754d917e4ec51dc19685ea5380e90bd9dfc38cf71cd17d26f463bdca40fb1e4fa72aabaa459e9b4935a09f2af17c5ab43119a094b320729e06de6ed3

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mFVFToaKnug0SkdodQNcJ2BF3Z1l7fqHR:gZLolhNVyEeFT4uPd8JJ2BD1lqHR

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-08_9316475d53397555f25ee43358547f4d_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-08_9316475d53397555f25ee43358547f4d_mafia_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1968
    • C:\Users\Admin\AppData\Local\Temp\37D2.tmp
      "C:\Users\Admin\AppData\Local\Temp\37D2.tmp" --pingC:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-08_9316475d53397555f25ee43358547f4d_mafia_JC.exe B60E6D4F6D4E9687A48D9A44A29D1A2FFD2DB1A43317E07F2F605321D7CB5EE4FB6BADA9B874C7F6965AABCCC2313FAA886EF44A4F639B96A0649F960C37BCFD
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2268

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\37D2.tmp
          Filesize

          428KB

          MD5

          a3b8674e31fb3a2b4d013463e5073722

          SHA1

          e81678c0ad55415368e3a41034798668cbde21d1

          SHA256

          c31bd77cceb1b7a912cf05b76580c53956a036dc619585c02a039910d8d109a6

          SHA512

          f0de5d12894aa8e4605a660ee6c4f858168290f7098a5bf8b2e306224752ef253f4e5d83ccc2f873d7c8f3e287260934bb958a953cb4ef88d87a94c33d916e0b

          Download Submit

        • \Users\Admin\AppData\Local\Temp\37D2.tmp
          Filesize

          428KB

          MD5

          a3b8674e31fb3a2b4d013463e5073722

          SHA1

          e81678c0ad55415368e3a41034798668cbde21d1

          SHA256

          c31bd77cceb1b7a912cf05b76580c53956a036dc619585c02a039910d8d109a6

          SHA512

          f0de5d12894aa8e4605a660ee6c4f858168290f7098a5bf8b2e306224752ef253f4e5d83ccc2f873d7c8f3e287260934bb958a953cb4ef88d87a94c33d916e0b

          Download Submit