f0b18d7a68407447db26f031c81b5a1b834178fd2787912a7c99d4df1281e4b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5eea7753c0f9133b2c132f6c0518b2e6_mafia_JC.exe
Size

3.8MB
Sample

230821-tsbqlseb92
MD5

5eea7753c0f9133b2c132f6c0518b2e6
SHA1

264d54e9ebe013a949262a46260f05738ebe0068
SHA256

f0b18d7a68407447db26f031c81b5a1b834178fd2787912a7c99d4df1281e4b1
SHA512

053c65de49adc64e1999f173734f11c468f03b789ea90c0f57c104d2cfdeafee68696e12460d9fe222aa2b3fd3286171bb69efff292fe9633475f029c31d95ec
SSDEEP

49152:G9yiCJ5rFwnANZGEXep+9TxFegOSDAmosh3ANkTTlMd2YtzMyxq7olHq2pG:1J5rFwnApezgOS9V3AMOd2C9zl3U

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5eea7753c0f9133b2c132f6c0518b2e6_mafia_JC.exe
- Size
  
  3.8MB
- MD5
  
  5eea7753c0f9133b2c132f6c0518b2e6
- SHA1
  
  264d54e9ebe013a949262a46260f05738ebe0068
- SHA256
  
  f0b18d7a68407447db26f031c81b5a1b834178fd2787912a7c99d4df1281e4b1
- SHA512
  
  053c65de49adc64e1999f173734f11c468f03b789ea90c0f57c104d2cfdeafee68696e12460d9fe222aa2b3fd3286171bb69efff292fe9633475f029c31d95ec
- SSDEEP
  
  49152:G9yiCJ5rFwnANZGEXep+9TxFegOSDAmosh3ANkTTlMd2YtzMyxq7olHq2pG:1J5rFwnApezgOS9V3AMOd2C9zl3U
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2