General

  • Target

    2024-03-26_c4f5fe1d3ad593435a4f4f3b41b8655d_floxif_mafia

  • Size

    2.6MB

  • Sample

    240326-1hdksaga3z

  • MD5

    c4f5fe1d3ad593435a4f4f3b41b8655d

  • SHA1

    0ea89a3bccad60b57b2934bc9bfb3e554f645bdf

  • SHA256

    e9361e4e90e369ce924619157ecd84f9668b63ccaee035462c5b37c170df9f59

  • SHA512

    ac24a4fc600b1cbe312a92bb832dd6ecc057c05564940115eac5e74bbe40a1752ad691d86c1fe7ac7d202cadf2dbfa6dd14366283d185300cf9fc2c002a165db

  • SSDEEP

    49152:Kw6c5LN7VSjOmZ1viy920yqWlPlF3RyU9nxvG3bQyf9TFiEd2IRm0Smz4hJQ:Yc5LN7CHZAy92iWlPlF3RyU9nhGlfvfR

Score
9/10

Targets

    • Target

      2024-03-26_c4f5fe1d3ad593435a4f4f3b41b8655d_floxif_mafia

    Score
    9/10
    • UPX dump on OEP (original entry point)

    • Modifies AppInit DLL entries

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
