28734d070a2395894adf686baf82e3833eb2aa06738245d832a10fdb48b0f17b | Triage

Submit
Reports

Overview

overview

9

Static

static

1

2024-09-19...ia.exe

windows7-x64

9

2024-09-19...ia.exe

windows10-2004-x64

9

Sharing

General

Target

2024-09-19_da022312a13063cda5350c8e98097eae_mafia
Size

495KB
Sample

240919-hmepjawbme
MD5

da022312a13063cda5350c8e98097eae
SHA1

289a4d18404d89a51e36ca98483cb8ccb803c4c9
SHA256

28734d070a2395894adf686baf82e3833eb2aa06738245d832a10fdb48b0f17b
SHA512

004210c56346d1288a0047c7589545296f62e5859254c4c9ab1384e9c7297c300849a4a05738f42cc0830cfe6dec8de32dde0309c1d3ba1e304ef9b76006f854
SSDEEP

12288:ZsIdx5HmzS3zcJrVb4rvkSlQr1wVAvoBjWuH9:ZsIdx5HmzY4R2cSl+GVA+jTH9

Score

9^/10

discovery evasion

Static task

static1

Behavioral task

behavioral1

Sample

2024-09-19_da022312a13063cda5350c8e98097eae_mafia.exe

Resource

win7-20240704-en

discovery evasion

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-09-19_da022312a13063cda5350c8e98097eae_mafia.exe

Resource

win10v2004-20240802-en

discovery evasion

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-09-19_da022312a13063cda5350c8e98097eae_mafia
- Size
  
  495KB
- MD5
  
  da022312a13063cda5350c8e98097eae
- SHA1
  
  289a4d18404d89a51e36ca98483cb8ccb803c4c9
- SHA256
  
  28734d070a2395894adf686baf82e3833eb2aa06738245d832a10fdb48b0f17b
- SHA512
  
  004210c56346d1288a0047c7589545296f62e5859254c4c9ab1384e9c7297c300849a4a05738f42cc0830cfe6dec8de32dde0309c1d3ba1e304ef9b76006f854
- SSDEEP
  
  12288:ZsIdx5HmzS3zcJrVb4rvkSlQr1wVAvoBjWuH9:ZsIdx5HmzY4R2cSl+GVA+jTH9
Score

9^/10

discovery evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion

© 2018-2025

Terms | Privacy