Analysis
-
max time kernel
117s
-
max time network
118s
-
platform
windows7_x64
-
resource
win7-20240508-en
-
resource tags
arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
-
submitted
12-06-2024 11:28
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-12_0b7e3ceed1adf811de8c36d3ff0a3e50_mafia.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-06-12_0b7e3ceed1adf811de8c36d3ff0a3e50_mafia.exe
Resource
win10v2004-20240508-en
General
-
Target
2024-06-12_0b7e3ceed1adf811de8c36d3ff0a3e50_mafia.exe
-
Size
1.1MB
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes:
2024-06-12_0b7e3ceed1adf811de8c36d3ff0a3e50_mafia.exe
description: File opened for modification
ioc: \??\PhysicalDrive0
process: 2024-06-12_0b7e3ceed1adf811de8c36d3ff0a3e50_mafia.exe
MITRE ATT&CK Matrix ATT&CK v13
Downloads
-
C:\Users\Public\Documents\Baidu\Common\I18N\conf.db
Filesize
367B
-
memory/2204-8-0x0000000000160000-0x0000000000161000-memory.dmp
Filesize
4KB