Analysis

  • max time kernel
    93s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11/06/2024, 11:30

General

  • Target

    2024-06-11_837715d5720f49e3c31c363df0f0dc38_mafia.exe

  • Size

    1.1MB

  • MD5

    837715d5720f49e3c31c363df0f0dc38

  • SHA1

    7ecb2c665f6b408d94330c7a83a04d3c3c39affb

  • SHA256

    ccf5fbef6b494e14ff74555796f905f53e43920435dd8ed793e9bba5b1831b48

  • SHA512

    209c299cb1647f83e0899f4c50c5a8b800d087c1864d0d47997f5d8cf802e66878e8f8959d4872a1e901f17749e4f006939ddf91d28b19142a0898c81022a7ea

  • SSDEEP

    24576:yRFJPpTsearbFq0kh8iQekla1ux1cnbIm6gQJgk870I:UpBYekla41cnbIm6gQJgk870I

Score
6/10

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-06-11_837715d5720f49e3c31c363df0f0dc38_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-06-11_837715d5720f49e3c31c363df0f0dc38_mafia.exe"
    • Writes to the Master Boot Record (MBR)
    PID:3352

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Public\Documents\Baidu\Common\I18N\conf.db

    Filesize

    403B

    MD5

    328b82fffc47d9c98a35f60447e42183

    SHA1

    0573fdc9aca07512c78455d5f7b9750d12ae1ba0

    SHA256

    3d6c067c2d22c844fb80d9bccf65bcc52c16237ed37a9b53bb15ebbc62319019

    SHA512

    6aee045245066b67d36fb1ffca51c0adc18f69e908aaeedcf9bfda03d120d4ea347523d696b05be613933a4e842a9eb825cc4bccac9c14e416af03fbc6b39266

  • memory/3352-9-0x0000000002B40000-0x0000000002B41000-memory.dmp

    Filesize

    4KB