Overview

overview

7

Static

static

3

NEAS.2023-...JC.exe

windows7-x64

7

NEAS.2023-...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231025-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/11/2023, 15:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.2023-09-28_15f284782b1a9efb9b5ce8c604e1beb9_mafia_JC.exe

  • Size

    384KB

  • MD5

    15f284782b1a9efb9b5ce8c604e1beb9

  • SHA1

    aba385bafba576b191e6b98b60e9ae5fe96cdadb

  • SHA256

    0ab647e06f3dcb73618ddd214657be421535c5f6f91e5dcd89a1d1cb3641b0fa

  • SHA512

    dc7e98f54f061a1a53f0d5056cb4b3efb82c098ebdaa9b79e69d25dd66fc7bb4a8732eae19ec081e93ce19fd74972e836a7ee34fc2447eec97fbc64efc207c6f

  • SSDEEP

    6144:drxfv4co9ZL3GBGgjODxbf7hHEoHTtS6Hu9UYRZWG81Bp7sMyVThZ:Zm48gODxbzrTY6mZl4BghZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-28_15f284782b1a9efb9b5ce8c604e1beb9_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-28_15f284782b1a9efb9b5ce8c604e1beb9_mafia_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Users\Admin\AppData\Local\Temp\CE7B.tmp
      "C:\Users\Admin\AppData\Local\Temp\CE7B.tmp" --pingC:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-28_15f284782b1a9efb9b5ce8c604e1beb9_mafia_JC.exe 84336480ADF1C93A3D4DCB4992FC93F75573CB9DE959783701468DACA60AD5FDFB060D6AFF6C356DC2FCEFCDA34D3934D60D1AF26B0D3881CE157A00A34ECDA1
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\CE7B.tmp
    Filesize

    384KB

    MD5

    72b2ec215be6935344421c8802ae6ed4

    SHA1

    d3a0bf17405dfd9a34b43ca670bdafa7c4ed9a6b

    SHA256

    bcf204873e9102ccd0310afee85784d2372c76e04777bdd9eb3c16ea9018adc7

    SHA512

    84729b1c90e937ca3dfd2517765a1d11787d9e424284533a8606bd776deb4601f719a9463cb9fa3e83ad82a378da27ff3bdfddfaecdc0c15e654a239cff043c1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CE7B.tmp
    Filesize

    384KB

    MD5

    72b2ec215be6935344421c8802ae6ed4

    SHA1

    d3a0bf17405dfd9a34b43ca670bdafa7c4ed9a6b

    SHA256

    bcf204873e9102ccd0310afee85784d2372c76e04777bdd9eb3c16ea9018adc7

    SHA512

    84729b1c90e937ca3dfd2517765a1d11787d9e424284533a8606bd776deb4601f719a9463cb9fa3e83ad82a378da27ff3bdfddfaecdc0c15e654a239cff043c1

    Download Submit