General
Target: 2024-05-13_8ce382b10c0f5a242b1eee891558e180_mafia
Size: 526KB
Sample: 240513-g7n82add48
MD5: 8ce382b10c0f5a242b1eee891558e180
SHA1: 69225df867d8e9e53c53b200ba0e42a19daf1878
SHA256: 1206d71f9da6f447516d7aaca4c9c41fbd40e07d4e11af6bc1211dc7a4768c70
SHA512: e3425e47d54f9ca51c58c0f4b236653778f1bae60471b95b4188be0e47c6f7bd4ffdd7450d2b27d5a923f3a900222fac9b138e4e1c74ac87e6b6d78559b82384
SSDEEP: 12288:RfoFUKHezLeShwDsYQGvkIS8Y1sGmVOoBjWw8:RfoFUKHezb61caYKLV1jp8
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-13_8ce382b10c0f5a242b1eee891558e180_mafia.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 2024-05-13_8ce382b10c0f5a242b1eee891558e180_mafia.exe
  Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 2024-05-13_8ce382b10c0f5a242b1eee891558e180_mafia
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Drops desktop.ini file(s)