d8016bd1c534ca9892d687cd9de94361c1a0352954e39faa9731b8ccdee91b57 | Triage

Sharing

General

Target

2024-01-10_c653bc378192fd9217f222a1460ea902_mafia
Size

535KB
Sample

240111-gm7vmsaeg4
MD5

c653bc378192fd9217f222a1460ea902
SHA1

7f25399730a2236e41f6f9c29099723e028dbc62
SHA256

d8016bd1c534ca9892d687cd9de94361c1a0352954e39faa9731b8ccdee91b57
SHA512

b21d60a7d9efab4498f985fc21ed35a7cdb83e83059312f394591c63344f093abc45bc02ec60ad0eebc483fc475f165087ba16abac56ee2ddc05ea2d70f91d57
SSDEEP

12288:si4g+yU+0pAiv+g9wqZ8FQgBzONXtU0Sj85zLc1586xUlvjosTdcG93Dn:si4gXn0pD+48aUzaXzSj85Pc1581lvjT

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-10_c653bc378192fd9217f222a1460ea902_mafia
- Size
  
  535KB
- MD5
  
  c653bc378192fd9217f222a1460ea902
- SHA1
  
  7f25399730a2236e41f6f9c29099723e028dbc62
- SHA256
  
  d8016bd1c534ca9892d687cd9de94361c1a0352954e39faa9731b8ccdee91b57
- SHA512
  
  b21d60a7d9efab4498f985fc21ed35a7cdb83e83059312f394591c63344f093abc45bc02ec60ad0eebc483fc475f165087ba16abac56ee2ddc05ea2d70f91d57
- SSDEEP
  
  12288:si4g+yU+0pAiv+g9wqZ8FQgBzONXtU0Sj85zLc1586xUlvjosTdcG93Dn:si4gXn0pD+48aUzaXzSj85Pc1581lvjT
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2