General

  • Target

    2024-08-02_9e03be269c58a15b6ffc9a1502569686_mafia_stonedrill

  • Size

    387KB

  • Sample

    240802-h854lsxdng

  • MD5

    9e03be269c58a15b6ffc9a1502569686

  • SHA1

    d034168bfa1deecf9f4f0ed702dc1be55d87064b

  • SHA256

    eac4613b8c69b4b84acb79e19ce02e41835de1ced41af5d913fe1869223ca614

  • SHA512

    cd42b990eb30b6bbff95658f34bc96218d8b19aaa4bde6b0e18acfb3b6b3208a958907e8a8a8e05b4640f9e3badab885543266e4ebd5d21973373508a7f2e457

  • SSDEEP

    12288:BqYXje0DF9k64/QSywqP0T8oIN1AHDFhY25fC2WF9sr204P:BqYDF9k64/Q9j28okAHDHY25fC2WF9sk

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks