0fa1823b2dc3bac6c4616805a21950901fc9b9b771f95bf2ced7767376f45de1 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

2024-05-03...ia.exe

windows7-x64

9

2024-05-03...ia.exe

windows10-2004-x64

9

Sharing

General

Target

2024-05-03_36a2b85e3b9f858e0d6b2f5f58f4d16e_floxif_mafia
Size

3.4MB
Sample

240503-lckpksde56
MD5

36a2b85e3b9f858e0d6b2f5f58f4d16e
SHA1

b90bcafa8839896b74da6d068cd331b72ebd185f
SHA256

0fa1823b2dc3bac6c4616805a21950901fc9b9b771f95bf2ced7767376f45de1
SHA512

e69a9c6d49f1fe4d322be95968e293b9d216452dcf6d67e8e0bbe01d49d0387091628bfcf6fed7b2c05d2fadd082c3873dd175a6c5c0e0917d7ebb6fbe4d12fa
SSDEEP

98304:ApSbilaS48FpKjdwxunJP1kBHFEVK/abYhYgF0zmwtAwuvI:g0dsBuKCOB0zmwXuvI

Score

9^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

2024-05-03_36a2b85e3b9f858e0d6b2f5f58f4d16e_floxif_mafia.exe

Resource

win7-20240221-en

persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-03_36a2b85e3b9f858e0d6b2f5f58f4d16e_floxif_mafia.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-03_36a2b85e3b9f858e0d6b2f5f58f4d16e_floxif_mafia
- Size
  
  3.4MB
- MD5
  
  36a2b85e3b9f858e0d6b2f5f58f4d16e
- SHA1
  
  b90bcafa8839896b74da6d068cd331b72ebd185f
- SHA256
  
  0fa1823b2dc3bac6c4616805a21950901fc9b9b771f95bf2ced7767376f45de1
- SHA512
  
  e69a9c6d49f1fe4d322be95968e293b9d216452dcf6d67e8e0bbe01d49d0387091628bfcf6fed7b2c05d2fadd082c3873dd175a6c5c0e0917d7ebb6fbe4d12fa
- SSDEEP
  
  98304:ApSbilaS48FpKjdwxunJP1kBHFEVK/abYhYgF0zmwtAwuvI:g0dsBuKCOB0zmwXuvI
Score

9^/10

persistence upx
- UPX dump on OEP (original entry point)
- Modifies AppInit DLL entries
  persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy