1a6d3da693f993e5fe8c4220c33a5fd9775430837db21873805d73f6addd77c4 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

2024-02-12...ia.exe

windows7-x64

9

2024-02-12...ia.exe

windows10-2004-x64

9

Sharing

General

Target

2024-02-12_4a7095e95522a7af36f11e0cecdc9245_mafia
Size

326KB
Sample

240212-nndfraca8y
MD5

4a7095e95522a7af36f11e0cecdc9245
SHA1

8ba704db3ab083d3d8206d326d7b74a2e42aac30
SHA256

1a6d3da693f993e5fe8c4220c33a5fd9775430837db21873805d73f6addd77c4
SHA512

43db44745d2b5a11c2ddccf7704fc16f5072bf6a1995d45b977232c871160056abb0c57c6d4bae9d0972dcc5a7d20ffd8ef77a922dd49cfd8df324592c69074b
SSDEEP

6144:fowuvQ9OJaNYiuJKvu1aqc8gy2PoAaj4YROh7Flj:gw0Q9gaWPJ/1aqcw2nuAHj

Score

9^/10

persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-02-12_4a7095e95522a7af36f11e0cecdc9245_mafia.exe

Resource

win7-20231215-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-02-12_4a7095e95522a7af36f11e0cecdc9245_mafia.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-02-12_4a7095e95522a7af36f11e0cecdc9245_mafia
- Size
  
  326KB
- MD5
  
  4a7095e95522a7af36f11e0cecdc9245
- SHA1
  
  8ba704db3ab083d3d8206d326d7b74a2e42aac30
- SHA256
  
  1a6d3da693f993e5fe8c4220c33a5fd9775430837db21873805d73f6addd77c4
- SHA512
  
  43db44745d2b5a11c2ddccf7704fc16f5072bf6a1995d45b977232c871160056abb0c57c6d4bae9d0972dcc5a7d20ffd8ef77a922dd49cfd8df324592c69074b
- SSDEEP
  
  6144:fowuvQ9OJaNYiuJKvu1aqc8gy2PoAaj4YROh7Flj:gw0Q9gaWPJ/1aqcw2nuAHj
Score

9^/10

persistence
- Detects Windows executables referencing non-Windows User-Agents
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy