General

  • Target

    2024-07-03_b50db8650c18fa75670f7b4b4e0c6385_mafia

  • Size

    10.2MB

  • Sample

    240703-xt332avgmb

  • MD5

    b50db8650c18fa75670f7b4b4e0c6385

  • SHA1

    9416cfc30c042357542da667a07fd0f619f225aa

  • SHA256

    9b511e467791536a121ebec9f28fae83d6635a63e26db4793cada871812b9105

  • SHA512

    3359deb2e3044b38b5cb4c1ee1ae2ca4ba2ca685b70277b5cc30721286a7191e0931125d3e29823c2fb8ab8e8e122165d78cc45b78a7eae2e61c90828b840ede

  • SSDEEP

    196608:KyEa4qmi4YP1pTqebZQbw3DOs7vsqozRNqPmzS3QlcSxCd/jU2:Kuh4SHTaVZRk+eQmbU2

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Loads dropped DLL
