General

  • Target

    2024-09-12_7bf84b7c1426d659676cdf05a11fc358_hijackloader_mafia

  • Size

    97.1MB

  • Sample

    240912-fb3aca1hqe

  • MD5

    7bf84b7c1426d659676cdf05a11fc358

  • SHA1

    1d0470f2ef8121b3558acc42360eb3e2036fa86b

  • SHA256

    628c4e0ad20ad1313d8646f7acce9bc51dc35ea877d05d8213f2aa0ac6d3c5ee

  • SHA512

    1b375c994c9d81038e9789274e78ddf5285d69a3af74dbf49ec24418735a4fe78b613a5d263ea534a6b0b13485f37b9427520ac330bc7e476425b9e71a9bae03

  • SSDEEP

    1572864:ZllpnpDO4uN91Vxfo5uvhPun4PCjmk0Pl7H7ZFMu0pgVHjMpjIyYlUB4S4UPTlsQ:5Ho7Nfos7avqB7vMuvBM9Yu6S4URdQc

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
