Overview

overview

9

Static

static

2022-11-23...ia.exe

windows7-x64

9

2022-11-23...ia.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2022-11-23_9538f1bfc95331ed005e12b0cd3cbe52_floxif_mafia

  • Size

    346KB

  • Sample

    221123-xalpmsed44

  • MD5

    9538f1bfc95331ed005e12b0cd3cbe52

  • SHA1

    43b61ee17f36aa86ff1a2b1992c9a49b1de7a08f

  • SHA256

    a0125b0bc4c23a88fe5f7de7083a3a43b3d6527626318b9ea0ee5db18fb10649

  • SHA512

    343b6090a526d28add9418d1cee2f9e41924f56f079bfacee4b6767e72d484d5f0d8d6e0bf3c70d1c3a5ff073fa6b61bdaac61d69b069d308a7fcfae56d9baf4

  • SSDEEP

    6144:WRhcgGeQa217K4+AyBw5amE/zmIAkWU/jpIB3nWHpGBV+UdvrEFp7hKo:KGPaG77+5w1MzmIAtU/jpIBMMBjvrEHP

Score
9/10
persistenceupx

Malware Config

Targets

    • Target

      2022-11-23_9538f1bfc95331ed005e12b0cd3cbe52_floxif_mafia

    • Size

      346KB

    • MD5

      9538f1bfc95331ed005e12b0cd3cbe52

    • SHA1

      43b61ee17f36aa86ff1a2b1992c9a49b1de7a08f

    • SHA256

      a0125b0bc4c23a88fe5f7de7083a3a43b3d6527626318b9ea0ee5db18fb10649

    • SHA512

      343b6090a526d28add9418d1cee2f9e41924f56f079bfacee4b6767e72d484d5f0d8d6e0bf3c70d1c3a5ff073fa6b61bdaac61d69b069d308a7fcfae56d9baf4

    • SSDEEP

      6144:WRhcgGeQa217K4+AyBw5amE/zmIAkWU/jpIB3nWHpGBV+UdvrEFp7hKo:KGPaG77+5w1MzmIAtU/jpIBMMBjvrEHP

    Score
    9/10
    persistenceupx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Modifies AppInit DLL entries

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks