General

  • Target

    2024-04-17_2a82eb9fecafa0148d609dbc1e31cbf2_karagany_mafia

  • Size

    194KB

  • Sample

    240417-qqqj7she28

  • MD5

    2a82eb9fecafa0148d609dbc1e31cbf2

  • SHA1

    eb1d75214f6bdbd13eaada2bf1aa94215ef57efe

  • SHA256

    4dfd72841c31b234bc6a2710d3efc6b158ff3c02542ada2de72aec9a2e818aeb

  • SHA512

    03f20a28f093e583027681b6f78161f6df39422a2644d386a0ba4aacc093762fc0cc274357075220ba2feb376f3510cd39a39a59c178bcfd60afc80ecead35cc

  • SSDEEP

    3072:cTsPZpEiVR1s4zxxT4uCx2bDpsWutoKxgW6J7gyksi:ZZpvR1s4zGx2koK6W6RgrZ

Score
9/10

Malware Config

Targets

    Score
    9/10

    • Detects Windows executables referencing non-Windows User-Agents

    • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks