d13a693358ab8c6dbb22976e22d6ec9052842276d0d737a7e3a8e9030d309089 | Triage

Sharing

General

Target

f7bb35dc4fbeba4d17e509393ad4131f_mafia_JC.exe
Size

3.5MB
Sample

230815-twzlvadg9v
MD5

f7bb35dc4fbeba4d17e509393ad4131f
SHA1

58326a6027755fc8246ee244fce6598092ffc042
SHA256

d13a693358ab8c6dbb22976e22d6ec9052842276d0d737a7e3a8e9030d309089
SHA512

b5d3d4a4b08f6a368bf9d9464a8233f65bb98853d7613e454c594c15bb29f6171416acd58c4924a1ed81770bfd864b5daae5b3cd870e8f7ad0cd81c4871a2101
SSDEEP

49152:a9yiCJ5rFwnANZGEXep+9TxFegOSDAmosh3ANkTTlQmlI8zrx+jWqZdLO:RJ5rFwnApezgOS9V3AMdld8jW0O

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f7bb35dc4fbeba4d17e509393ad4131f_mafia_JC.exe
- Size
  
  3.5MB
- MD5
  
  f7bb35dc4fbeba4d17e509393ad4131f
- SHA1
  
  58326a6027755fc8246ee244fce6598092ffc042
- SHA256
  
  d13a693358ab8c6dbb22976e22d6ec9052842276d0d737a7e3a8e9030d309089
- SHA512
  
  b5d3d4a4b08f6a368bf9d9464a8233f65bb98853d7613e454c594c15bb29f6171416acd58c4924a1ed81770bfd864b5daae5b3cd870e8f7ad0cd81c4871a2101
- SSDEEP
  
  49152:a9yiCJ5rFwnANZGEXep+9TxFegOSDAmosh3ANkTTlQmlI8zrx+jWqZdLO:RJ5rFwnApezgOS9V3AMdld8jW0O
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2