General

  • Target

    2024-05-30_364a5f2c0fe182076123d0fd29c99274_mafia

  • Size

    1.3MB

  • Sample

    240530-n1xedshb79

  • MD5

    364a5f2c0fe182076123d0fd29c99274

  • SHA1

    8f21a28e0c3bb8dd3784be5ac557b031288727e4

  • SHA256

    4db6cf843b4c65e7a3e7c87918c74c1565d6fb346e132b02a95435d568d60328

  • SHA512

    31028d32bce5504ac0adaf6880935bf308773bb98d2ebbc3adfc551d4a024657bbb406986204432cadcc00c371df85fd80ea7f85d85e6d33e79a8acbc8090aac

  • SSDEEP

    12288:q60B8l6jaOC4owiDhTFjpK0GMFgRnAkZFHANU+:q6FnOCsiDjpFGMeRXFn+

Targets

    • Target

      2024-05-30_364a5f2c0fe182076123d0fd29c99274_mafia

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
