Overview

overview

9

Static

static

1

2024-05-26...ia.exe

windows7-x64

9

2024-05-26...ia.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-26_d7eb3abe32116ce4e97cf03ef4dba545_floxif_mafia

  • Size

    23.0MB

  • Sample

    240526-1dmynacf71

  • MD5

    d7eb3abe32116ce4e97cf03ef4dba545

  • SHA1

    2cbb755fca1de74972bd33aa32950761d09b615e

  • SHA256

    d743c03d8ba0a2f8d4186c00350f9bcde53a5781d63761724049c977e2ce7fd3

  • SHA512

    1b5df1f926b2692a3e0da911d33445e81ce2ea430468976a5377df2dda769343c30d363f52e55c448475e8a0b90488ffa245012970fc4163a9c8b0f9afcf6dad

  • SSDEEP

    393216:z95RjkOqn778Sd3o+83Jsv6tWKFdu9CwvUiPbKv647n+YlmYI:bRjk37Iq3oOD2vegmF

Score
9/10
persistenceupx

Malware Config

Targets

    • Target

      2024-05-26_d7eb3abe32116ce4e97cf03ef4dba545_floxif_mafia

    • Size

      23.0MB

    • MD5

      d7eb3abe32116ce4e97cf03ef4dba545

    • SHA1

      2cbb755fca1de74972bd33aa32950761d09b615e

    • SHA256

      d743c03d8ba0a2f8d4186c00350f9bcde53a5781d63761724049c977e2ce7fd3

    • SHA512

      1b5df1f926b2692a3e0da911d33445e81ce2ea430468976a5377df2dda769343c30d363f52e55c448475e8a0b90488ffa245012970fc4163a9c8b0f9afcf6dad

    • SSDEEP

      393216:z95RjkOqn778Sd3o+83Jsv6tWKFdu9CwvUiPbKv647n+YlmYI:bRjk37Iq3oOD2vegmF

    Score
    9/10
    persistenceupx

    • UPX dump on OEP (original entry point)

    • Downloads MZ/PE file

    • Modifies AppInit DLL entries

      persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks