General

  • Target

    2024-09-08_6fcd637624aaab392c1dba73f5225a0b_mafia

  • Size

    3.7MB

  • Sample

    240908-ay1r5swhlh

  • MD5

    6fcd637624aaab392c1dba73f5225a0b

  • SHA1

    84424b55762a2dda9214ab49ecd7f53d3f6ce190

  • SHA256

    336cfacfc9cdd1594dda94af56cd10d811363ae944aa67991a09dc2214be1a49

  • SHA512

    919eeb97801f418560e9f7927f6b49067635840b1f56a9d93177de3384928eeb6acea88aa02b6013905bd61760b4dbab2ae3700ac1f63742b0134d7ebf67bcef

  • SSDEEP

    49152:dKyf6W/65QZuTtS0rQMYOQ+q8CEGSW5wpWXG1ZM9KFeMs:dgWiWsM0r1QnZSGG160FeF

Score
7/10

Targets

    • Target

      2024-09-08_6fcd637624aaab392c1dba73f5225a0b_mafia

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
