Overview

overview

9

Static

static

1

2024-03-27...ia.exe

windows7-x64

9

2024-03-27...ia.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-03-27_1124bb943c4690154daa9489e8e96d81_floxif_mafia

  • Size

    2.6MB

  • Sample

    240327-x39beaac93

  • MD5

    1124bb943c4690154daa9489e8e96d81

  • SHA1

    59d759f880b11d1236eccd846e7d3b396b900563

  • SHA256

    8edd03a880fae017baab070e13221eb021ded6965633f3417c90f5ee379d9800

  • SHA512

    f7423ccf47a93d7942340f3eec9d6290fd5af0a0ea514a63ea6fe6e512f85072af2e94675b2d6e6c9716d3048e267fd892fb8e7c3687e9d33a4ab4a95bcebe76

  • SSDEEP

    49152:Kw6c5LN7VSjOmZ1viy920yqWlPlF3RyU9nxvG3bQAf9YFiEd2IRmLSmz4hJj:Yc5LN7CHZAy92iWlPlF3RyU9nhG3fsfN

Score
9/10
persistenceupx

Malware Config

Targets

    • Target

      2024-03-27_1124bb943c4690154daa9489e8e96d81_floxif_mafia

    • Size

      2.6MB

    • MD5

      1124bb943c4690154daa9489e8e96d81

    • SHA1

      59d759f880b11d1236eccd846e7d3b396b900563

    • SHA256

      8edd03a880fae017baab070e13221eb021ded6965633f3417c90f5ee379d9800

    • SHA512

      f7423ccf47a93d7942340f3eec9d6290fd5af0a0ea514a63ea6fe6e512f85072af2e94675b2d6e6c9716d3048e267fd892fb8e7c3687e9d33a4ab4a95bcebe76

    • SSDEEP

      49152:Kw6c5LN7VSjOmZ1viy920yqWlPlF3RyU9nxvG3bQAf9YFiEd2IRmLSmz4hJj:Yc5LN7CHZAy92iWlPlF3RyU9nhG3fsfN

    Score
    9/10
    persistenceupx

    • UPX dump on OEP (original entry point)

    • Modifies AppInit DLL entries

      persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks