General

  • Target

    2024-04-10_ec2ff4575bf84c570e3e9760c284dd43_mafia

  • Size

    509KB

  • Sample

    240410-rvlbqaec6x

  • MD5

    ec2ff4575bf84c570e3e9760c284dd43

  • SHA1

    34070027728629e256563c7a250b61bd5b65e781

  • SHA256

    9385926f2167ea40f37ca4829c2081aa324f4565fa79aea9b0343908ba2db55b

  • SHA512

    daf0df72a462d189ee2267013c643a4c1e000d63cc6b42e9bfc6d9152fa7255dab8d2e56a83a1d4f2cebf4f08ebcc8e168e4d6c9424d905fc0a15c6d887ea554

  • SSDEEP

    12288:Wv9RGfqZ2Z3NBDYXZ35g6LyCluJCmAgo7:WvifqZ2voZ35g6Lo0gk

Score
9/10

Malware Config

Targets

    • Target

      2024-04-10_ec2ff4575bf84c570e3e9760c284dd43_mafia

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
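
    The two registry-based signatures above (VirtualBox ACPI keys, country-code lookup) can be reproduced over a registry trace. The following is an added example, not part of the sandbox report and not code from the sample: it tags read operations against the well-known VirtualBox ACPI table keys and the user locale Geo key. The report does not list the exact keys this sample touched, so treating these paths and operation names as the triggering values is an assumption, and the sample trace is constructed.

```python
"""Tag registry reads the way the anti-VM and geofence sandbox signatures do.

Added example, not part of the sandbox report and not code from the sample.
The key paths below are the documented VirtualBox ACPI table mirrors and the
Windows user-locale Geo values; which keys the sample actually read is not
shown in the report, so matching on these is an assumption.
"""
import re

# VirtualBox stamps its name into the ACPI tables, which Windows mirrors under
# HKLM\HARDWARE\ACPI\{DSDT,FADT,RSDT}\VBOX__. Merely opening one of these keys
# tells the sample it is inside VirtualBox (assumed trigger for the
# "Identifies VirtualBox via ACPI registry values" signature).
VBOX_ACPI_RE = re.compile(
    r"^HKLM\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__", re.IGNORECASE
)

# The configured country lives in HKCU\Control Panel\International\Geo as
# Nation (numeric GeoID) or Name (ISO 3166 alpha-2). Reading it before doing
# anything else is the usual geofence pattern (assumed trigger for the
# "Checks computer location settings" signature).
GEO_RE = re.compile(
    r"^HKCU\\Control Panel\\International\\Geo\\(Nation|Name)$", re.IGNORECASE
)

SIGNATURES = [
    ("anti_vm_virtualbox_acpi", VBOX_ACPI_RE),
    ("geofence_country_lookup", GEO_RE),
]

# Only read-type operations count: an installer that *writes* Geo\Nation is
# setting the locale, not fencing on it.
READ_OPS = {"regopenkey", "regopenkeyex", "regqueryvalue", "regqueryvalueex"}


def classify(path):
    """Return the signature name a registry path matches, or None."""
    for name, pattern in SIGNATURES:
        if pattern.search(path):
            return name
    return None


def triage(events):
    """events: iterable of (pid, operation, path) tuples from a registry trace.

    Returns {signature_name: [(pid, path), ...]} for the matching read events.
    """
    hits = {}
    for pid, op, path in events:
        if op.lower() not in READ_OPS:
            continue
        name = classify(path)
        if name:
            hits.setdefault(name, []).append((pid, path))
    return hits


# Constructed sample trace in the shape a sandbox registry log takes
# (pid, operation, path). Not taken from this report.
SAMPLE_TRACE = [
    (1234, "RegOpenKeyEx", r"HKLM\HARDWARE\ACPI\DSDT\VBOX__"),
    (1234, "RegOpenKeyEx", r"HKLM\HARDWARE\ACPI\FADT\VBOX__"),
    (1234, "RegQueryValueEx", r"HKCU\Control Panel\International\Geo\Nation"),
    (1234, "RegQueryValueEx",
     r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName"),
    (5678, "RegSetValueEx", r"HKCU\Control Panel\International\Geo\Nation"),
]

if __name__ == "__main__":
    for name, matches in triage(SAMPLE_TRACE).items():
        print(name)
        for pid, path in matches:
            print(f"  pid {pid}: {path}")
```

    Run against a real trace, the ProductName read and the RegSetValueEx write fall through as expected; only the ACPI key opens and the Geo\Nation read are reported, which is the behaviour the two signatures describe.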

MITRE ATT&CK Enterprise v15

Tasks