bb44909edf04d0bef7b8b544838e6600978cce868638f5876c941e7d2834ee47 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-06_a4c676786181075ebfe310a938e861e0_mafia
Size

535KB
Sample

240107-pegmgsfda9
MD5

a4c676786181075ebfe310a938e861e0
SHA1

bb41b5d94dfb279203630897003569feca0aa55d
SHA256

bb44909edf04d0bef7b8b544838e6600978cce868638f5876c941e7d2834ee47
SHA512

106804221735ea93b1edc72c6b290d349ed040780b1bccd270d22026d664cc97ed8eeddd8dd83d47eddbb4cb66badf93b1b0525b47d97464130419e7b974fa38
SSDEEP

12288:si4g+yU+0pAiv+Qo0sf8CVBb52Pi53q3wdanwxUlvjosTdcG93Dn:si4gXn0pD+QovFVBbAq5a3MYlvjRhFJ

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-06_a4c676786181075ebfe310a938e861e0_mafia
- Size
  
  535KB
- MD5
  
  a4c676786181075ebfe310a938e861e0
- SHA1
  
  bb41b5d94dfb279203630897003569feca0aa55d
- SHA256
  
  bb44909edf04d0bef7b8b544838e6600978cce868638f5876c941e7d2834ee47
- SHA512
  
  106804221735ea93b1edc72c6b290d349ed040780b1bccd270d22026d664cc97ed8eeddd8dd83d47eddbb4cb66badf93b1b0525b47d97464130419e7b974fa38
- SSDEEP
  
  12288:si4g+yU+0pAiv+Qo0sf8CVBb52Pi53q3wdanwxUlvjosTdcG93Dn:si4gXn0pD+QovFVBbAq5a3MYlvjRhFJ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2