General

  • Target

    2024-05-13_8d9923ec513b58e11ad1544c092610a0_mafia

  • Size

    499KB

  • Sample

    240513-g7tthsdd54

  • MD5

    8d9923ec513b58e11ad1544c092610a0

  • SHA1

    672b4b8288eb664d6a58ad8508a5b6c8017ba722

  • SHA256

    2fb48ffd602717d27e286713e1a0d763d4a3ad7f3274c62e21a1727c0d7ac842

  • SHA512

    92e52e04b35f82f1de661c6fb0d409ec794b04c0a10d4b54565d12c78a505ce5dc82c8b90508007404a30610fcb70419d025a5eddf3e90ce345e18a3fa2c3001

  • SSDEEP

    12288:t1q6Mn+dPqFKW0WsG7SmNOWxsJCT1gpA/:t1hMn+4FlxsqS761gp6

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
