General

  • Target

    2024-04-21_47390f4a729ebd6a0d36d81b9e345076_mafia_stonedrill

  • Size

    387KB

  • Sample

    240421-nle7kahh93

  • MD5

    47390f4a729ebd6a0d36d81b9e345076

  • SHA1

    d957b85fc93d5f978bc7fa2d935164f30ff33fe4

  • SHA256

    815b730a60f095634a36a8b79b20e979f9a660eb890b65de27f33a3505bfd7cf

  • SHA512

    16801ffca2fd5398c00d0893103a94c2d1663afb7eb4129b35a89b7bed4003d31ef12af45e8513377f8e9c82b4227f9bc5ca26b35d5f2150adfc94d7eb1ceb28

  • SSDEEP

    12288:BqYXje0DF9k64/QSywqP0T8oIN1AHDFhY25fC2WF9sd204P:BqYDF9k64/Q9j28okAHDHY25fC2WF9s+

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
