General

  • Target

    2024-05-12_b9e00aee7727473a64d545c428eef470_floxif_mafia

  • Size

    2.5MB

  • Sample

    240512-pqdd7shh63

  • MD5

    b9e00aee7727473a64d545c428eef470

  • SHA1

    e8b7ce34e02fbb882620c30c6cb04524fcbdc949

  • SHA256

    71edb31b67edf66d38efccd1787679607fd127a76e7d45c2ddc02fbc56b2d4d7

  • SHA512

    e10205d70fe973a8a7727f2dbff9086dcbf4611f0351169472a7929209c8727bc1cd5341b1f99d788e31da53ad57b8e5eb4d1654bfe579abe4176432397eb905

  • SSDEEP

    49152:t0IIKjofs2hPd2l177BTK2VbDsar1YDjO:tBWfs2hPIl1/Z

Score
9/10

Malware Config

Targets

    • Target

      2024-05-12_b9e00aee7727473a64d545c428eef470_floxif_mafia

    Score
    9/10
    • UPX dump on OEP (original entry point)

      The sandbox dumped the in-memory image once execution reached the original entry point, i.e. after the UPX stub had finished unpacking; that dump is the unpacked code to analyse, not the packed file on disk.

    • Modifies AppInit DLL entries

      Writes to the AppInit_DLLs value under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows. Any DLL listed there is loaded into every process that loads user32.dll, which makes it a persistence and injection mechanism (MITRE ATT&CK T1546.010). It only takes effect when LoadAppInit_DLLs is set to 1, and modern Windows disables it entirely when Secure Boot is enabled.

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with ACProtect, a commercial packer/protector, version 1.3x to 1.4x.

    • Loads dropped DLL

      The sample loads a DLL that it itself wrote to disk during execution.

    • UPX packed file

      Detects executables packed with UPX or a modified UPX open-source packer. Modified builds commonly rename the UPX0/UPX1 sections, so a section-name check alone can miss them.
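The following is an added example, not part of the sandbox report and not the sandbox's own detection code. It shows the offline checks a triager would run on the signatures above: verifying a file against the report's MD5/SHA256, walking the PE section table by hand to spot UPX section names, and parsing `reg query` output for the AppInit_DLLs / LoadAppInit_DLLs values. The function names are mine, and both the PE blob and the registry output are constructed test inputs, not the real sample; the DLL path in the registry text is a made-up example.

```python
"""Offline triage helpers for the report's signatures (added example).

Assumptions: function names are the author's; the PE blob built by
build_minimal_pe() and SAMPLE_REG_OUTPUT are constructed test data, not the
analysed sample.
"""
import hashlib
import struct

# IOCs copied from the report above.
REPORT_MD5 = "b9e00aee7727473a64d545c428eef470"
REPORT_SHA256 = "71edb31b67edf66d38efccd1787679607fd127a76e7d45c2ddc02fbc56b2d4d7"

# Section names written by stock UPX; modified builds often rename these.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b".UPX0", b".UPX1"}


def hashes_match(data: bytes, md5: str = REPORT_MD5, sha256: str = REPORT_SHA256) -> bool:
    """True only if BOTH the MD5 and the SHA256 of `data` match the IOCs."""
    return (hashlib.md5(data).hexdigest() == md5.lower()
            and hashlib.sha256(data).hexdigest() == sha256.lower())


def pe_section_names(data: bytes) -> list:
    """Parse the PE section table by hand (no pefile dependency); return names."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                       # COFF file header (20 bytes)
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_opt              # section table follows the optional header
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]   # IMAGE_SECTION_HEADER.Name
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Cheap static check for stock UPX; a renamed-section build will evade it."""
    return any(n in UPX_SECTION_NAMES for n in pe_section_names(data))


def build_minimal_pe(section_names: list) -> bytes:
    """Construct a minimal, non-runnable PE header with the given sections (test data)."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    size_opt = 0xE0                           # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, size_opt, 0x0102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (size_opt - 2)
    table = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + opt + table


# Constructed `reg query ... /v` style output; the DLL path is a made-up example.
SAMPLE_REG_OUTPUT = """
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows
    AppInit_DLLs    REG_SZ    C:\\Users\\Public\\dropped.dll
    LoadAppInit_DLLs    REG_DWORD    0x1
"""


def parse_reg_query(text: str) -> dict:
    """Parse lines of the form '<name>  <REG_type>  <data>' into a dict."""
    values = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 2)
        if len(parts) == 3 and parts[1].startswith("REG_"):
            values[parts[0]] = parts[2]
    return values


def appinit_risk(values: dict) -> tuple:
    """Return (enabled, dll_list). AppInit DLLs load only when LoadAppInit_DLLs is 1.
    On 64-bit hosts check the Wow6432Node key too for 32-bit processes."""
    enabled = values.get("LoadAppInit_DLLs", "0x0").lower() in ("0x1", "1")
    raw = values.get("AppInit_DLLs", "")
    dlls = [d for d in raw.replace(",", " ").split() if d]   # space- or comma-separated
    return enabled, dlls


if __name__ == "__main__":
    blob = build_minimal_pe([b"UPX0", b"UPX1", b".rsrc"])
    print("UPX section names present:", looks_upx_packed(blob))
    print("matches report IOCs:", hashes_match(blob))       # False: constructed blob
    print("AppInit state:", appinit_risk(parse_reg_query(SAMPLE_REG_OUTPUT)))
```

To use this against the real file, pass its bytes to `hashes_match()` and `looks_upx_packed()`; a hash match is the only reliable identity check, since repacking or a single-byte change breaks every hash here except possibly the SSDEEP similarity score.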

MITRE ATT&CK Enterprise v15

Tasks