Overview

overview

7

Static

static

3

NEAS.2023-...JC.exe

windows7-x64

7

NEAS.2023-...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    23/10/2023, 20:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.2023-09-06_8b6a8d7cfc202e366a63a0e312767a32_mafia_JC.exe

  • Size

    444KB

  • MD5

    8b6a8d7cfc202e366a63a0e312767a32

  • SHA1

    9b8fa078d6b84aeff0111701ce1f5f0d1a7edc46

  • SHA256

    6bc3da973d36893135c9a33b5eb3c3df188aef7a8435a8680d3bfbd5b7addd21

  • SHA512

    c6a86096903e4afa647a25a0c7091b135e699db8213ab0a44b8b703c31aaa3787264396c9f4575f5284a516d31d12d073c464c39fdc79fab74846462247dce36

  • SSDEEP

    12288:Nb4bZudi79L0QNCKlWp7zcr4qFprQkjd0BA:Nb4bcdkLZlunc8qFlfjd

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-06_8b6a8d7cfc202e366a63a0e312767a32_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-06_8b6a8d7cfc202e366a63a0e312767a32_mafia_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2408
    • C:\Users\Admin\AppData\Local\Temp\5541.tmp
      "C:\Users\Admin\AppData\Local\Temp\5541.tmp" --helpC:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-06_8b6a8d7cfc202e366a63a0e312767a32_mafia_JC.exe FFAE39989A5635CEDE446B75535028682267E27C1B23DCEB20F664E4FFD8458A5381C27EBB27B10BE146C06E48BDF276FDFE7F31EB094DDFF022945DFE638AEC
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1660

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\5541.tmp
          Filesize

          444KB

          MD5

          a0e9051d2bf3aee8ba33be1e8eed457b

          SHA1

          93b3437a28def347481248683a9bbe1ef2e5b5c3

          SHA256

          047832d80fc8ceac54f29e6a34f51c85f04a71bfbc6ad3fd32081090bbeb0cd9

          SHA512

          1babebe779d3e40e3dc959631892059586fe7f7bce35ed9f9f9b646848179c7fa36e1e725120ee21ae3d6ee2736c7cd3c3fc38c4b86d775536332869e2099009

          Download Submit

        • \Users\Admin\AppData\Local\Temp\5541.tmp
          Filesize

          444KB

          MD5

          a0e9051d2bf3aee8ba33be1e8eed457b

          SHA1

          93b3437a28def347481248683a9bbe1ef2e5b5c3

          SHA256

          047832d80fc8ceac54f29e6a34f51c85f04a71bfbc6ad3fd32081090bbeb0cd9

          SHA512

          1babebe779d3e40e3dc959631892059586fe7f7bce35ed9f9f9b646848179c7fa36e1e725120ee21ae3d6ee2736c7cd3c3fc38c4b86d775536332869e2099009

          Download Submit