General

  • Target

    2024-05-13_8ce382b10c0f5a242b1eee891558e180_mafia

  • Size

    526KB

  • Sample

    240513-g7n82add48

  • MD5

    8ce382b10c0f5a242b1eee891558e180

  • SHA1

    69225df867d8e9e53c53b200ba0e42a19daf1878

  • SHA256

    1206d71f9da6f447516d7aaca4c9c41fbd40e07d4e11af6bc1211dc7a4768c70

  • SHA512

    e3425e47d54f9ca51c58c0f4b236653778f1bae60471b95b4188be0e47c6f7bd4ffdd7450d2b27d5a923f3a900222fac9b138e4e1c74ac87e6b6d78559b82384

  • SSDEEP

    12288:RfoFUKHezLeShwDsYQGvkIS8Y1sGmVOoBjWw8:RfoFUKHezb61caYKLV1jp8

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks