256a0d29bf12884f92bec30e222ab4d4ed0a83f9c3d43b9ade03fe411c850739 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

2024-08-12...ia.exe

windows7-x64

7

2024-08-12...ia.exe

windows10-2004-x64

7

Sharing

General

Target

2024-08-12_ee1d63a4f01ed377092cd4308ee0b439_mafia
Size

3.2MB
Sample

240812-bdff5sscpb
MD5

ee1d63a4f01ed377092cd4308ee0b439
SHA1

b4dd8b502e1a61e1d423b92567b2faa5c5724767
SHA256

256a0d29bf12884f92bec30e222ab4d4ed0a83f9c3d43b9ade03fe411c850739
SHA512

4666c4ee200e8147f1f259ff5fe976b0309fe885916af6b0b0842d990564d3c9af6cca8d9ed8588bf4df1cb59b386f7bec789d1d91d2a4c31d418a5f5e13103a
SSDEEP

49152:QKyf62PIn95QZuTtS0rQMYOQ+q8CE1SW5wpmXG1Zy9KFeMu:Qg2PiWsM0r1QnOSuG100Fer

Score

7^/10

discovery vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-08-12_ee1d63a4f01ed377092cd4308ee0b439_mafia.exe

Resource

win7-20240729-en

discovery vmprotect

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-08-12_ee1d63a4f01ed377092cd4308ee0b439_mafia.exe

Resource

win10v2004-20240802-en

discovery vmprotect

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-08-12_ee1d63a4f01ed377092cd4308ee0b439_mafia
- Size
  
  3.2MB
- MD5
  
  ee1d63a4f01ed377092cd4308ee0b439
- SHA1
  
  b4dd8b502e1a61e1d423b92567b2faa5c5724767
- SHA256
  
  256a0d29bf12884f92bec30e222ab4d4ed0a83f9c3d43b9ade03fe411c850739
- SHA512
  
  4666c4ee200e8147f1f259ff5fe976b0309fe885916af6b0b0842d990564d3c9af6cca8d9ed8588bf4df1cb59b386f7bec789d1d91d2a4c31d418a5f5e13103a
- SSDEEP
  
  49152:QKyf62PIn95QZuTtS0rQMYOQ+q8CE1SW5wpmXG1Zy9KFeMu:Qg2PiWsM0r1QnOSuG100Fer
Score

7^/10

discovery vmprotect
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryvmprotect

behavioral2

discoveryvmprotect

© 2018-2025

Terms | Privacy