Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
12-06-2024 11:04
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-12_28fb287f2832ab9b8c69a0f768c33803_mafia.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
2024-06-12_28fb287f2832ab9b8c69a0f768c33803_mafia.exe
Resource
win10v2004-20240611-en
General
-
Target
2024-06-12_28fb287f2832ab9b8c69a0f768c33803_mafia.exe
-
Size
1.1MB
-
MD5
28fb287f2832ab9b8c69a0f768c33803
-
SHA1
c5a714864abf6493f27397744e1800986f2b8d23
-
SHA256
a6c1ade005152d1f2478c9a15a6b8ccf6f6808b73f28a142f7e82ddb16e23c5d
-
SHA512
ec2644256cd7960dc185cb56b1b97e2e5196d2158637856f5023d20be334d327d8d8b08cca90aaa5b5c3cf6707f3baa9a8cb4d9cd2178fb57e267b9561bb9323
-
SSDEEP
24576:VRFJPpTsearbFq0kh8iQekla1ux6c0bIm6gQJgk87UQ:3pBYekla46c0bIm6gQJgk87UQ
Malware Config
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes:
2024-06-12_28fb287f2832ab9b8c69a0f768c33803_mafia.exe
description: File opened for modification
ioc: \??\PhysicalDrive0
process: 2024-06-12_28fb287f2832ab9b8c69a0f768c33803_mafia.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v13
Downloads
-
C:\Users\Public\Documents\Baidu\Common\I18N\conf.db
Filesize
367B
MD5
06032e87dd9e61078a1fea718516c64b
SHA1
68c2b601b1a79a07ce19f649ad2066280e1af41a
SHA256
825f134908c85c321741cd9cd0ded7804c46ff6cc0ef31b4501521c444bf3d10
SHA512
8a4b6967f4bb144bdb0948705d8c972a00e499812c35eae71c2b8442ecc6bff8b9a51afc30639f2bcbb8d3209939ffa843105e07e886c62573602ee22b93eda8
-
memory/1940-8-0x00000000023B0000-0x00000000023B1000-memory.dmp
Filesize
4KB