cfc179787a2c853d906c0e301b5d3c456b8823230b03e0fed78030a705b34a76 | Triage

Sharing

General

Target

2024-01-10_34c0044dee04253964e0d8ec3c9cd739_mafia
Size

535KB
Sample

240111-ghh1qagbeq
MD5

34c0044dee04253964e0d8ec3c9cd739
SHA1

a84e1c388b52801a1c16b85daef3e3b01ea5336a
SHA256

cfc179787a2c853d906c0e301b5d3c456b8823230b03e0fed78030a705b34a76
SHA512

88df2dfb899cdad27dfbef9abe17aeb0ab74438b850772860c55fb021796e9b0907ba0ebb5e5350d3e59a7b9d6cbba1727c3b27766e916ff65723c07ba8d0f78
SSDEEP

12288:si4g+yU+0pAiv+CrxR5C07Y0HeqFuK8mWxUlvjosTdcG93Dn:si4gXn0pD+axR5NY0Hea8UlvjRhFJ

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-10_34c0044dee04253964e0d8ec3c9cd739_mafia
- Size
  
  535KB
- MD5
  
  34c0044dee04253964e0d8ec3c9cd739
- SHA1
  
  a84e1c388b52801a1c16b85daef3e3b01ea5336a
- SHA256
  
  cfc179787a2c853d906c0e301b5d3c456b8823230b03e0fed78030a705b34a76
- SHA512
  
  88df2dfb899cdad27dfbef9abe17aeb0ab74438b850772860c55fb021796e9b0907ba0ebb5e5350d3e59a7b9d6cbba1727c3b27766e916ff65723c07ba8d0f78
- SSDEEP
  
  12288:si4g+yU+0pAiv+CrxR5C07Y0HeqFuK8mWxUlvjosTdcG93Dn:si4gXn0pD+axR5NY0Hea8UlvjRhFJ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2