Analysis
-
max time kernel
51s -
max time network
51s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system -
submitted
12-06-2024 11:28
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-12_0b7e3ceed1adf811de8c36d3ff0a3e50_mafia.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-06-12_0b7e3ceed1adf811de8c36d3ff0a3e50_mafia.exe
Resource
win10v2004-20240508-en
General
-
Target
2024-06-12_0b7e3ceed1adf811de8c36d3ff0a3e50_mafia.exe
-
Size
1.1MB
-
MD5
0b7e3ceed1adf811de8c36d3ff0a3e50
-
SHA1
8ecbf03b0e27e67892fc796fbd2e1725dd33ebfc
-
SHA256
ac8f01ab57ff7f95f08b3045cfa054bc82afddfffd01a1bf361bf19390c2d37e
-
SHA512
5ca82787acbc32b7a2b415977c50c50ea4ae6969610d8b11357cbc45c28f31086e463007f6a473760f7506a33639d0813ad23cf5e5c1b3c3c62e553e76fd5344
-
SSDEEP
24576:yRFJPpTsearbFq0kh8iQekla1uxgcVbIm6gQJgk870B:UpBYekla4gcVbIm6gQJgk870B
Malware Config
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes:
2024-06-12_0b7e3ceed1adf811de8c36d3ff0a3e50_mafia.exe
description: File opened for modification
ioc: \??\PhysicalDrive0
process: 2024-06-12_0b7e3ceed1adf811de8c36d3ff0a3e50_mafia.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v13
Downloads
-
C:\Users\Public\Documents\Baidu\Common\I18N\conf.db
Filesize
403B
MD5
7112a33cbe425c221408a5081b081fd1
SHA1
1b3d3570e3de678e60e2198fcd84e4648e3c1ce3
SHA256
0eb620723c4df52ac428a98333567d0b90f6547c69a6c3bf1803957537ea0d75
SHA512
3ef71a8f2837fcbb85357d2834116452263787a21634b2f5e08e885f8ee11e05340f44f7a9c087e9a55354c810319bab48d3434141358041e506d0a19a70d038
-
memory/4128-9-0x0000000001190000-0x0000000001191000-memory.dmp
Filesize
4KB