c0c85d92d3e13ab8f3500a2001fe16f371ab2e2f685b82e1477de6c3b7e7d083 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

2024-09-19...ia.exe

windows7-x64

9

2024-09-19...ia.exe

windows10-2004-x64

9

Sharing

General

Target

2024-09-19_df979c7b4c8722dcf7603b32da72f520_mafia
Size

509KB
Sample

240919-hmjcqawdnr
MD5

df979c7b4c8722dcf7603b32da72f520
SHA1

39d7d26bbe52eb31773cea2cef2efca42d7394dd
SHA256

c0c85d92d3e13ab8f3500a2001fe16f371ab2e2f685b82e1477de6c3b7e7d083
SHA512

1d9a8fce66211f6482230643b22a0d4e5f303d0d97b665fdd13bd5192c16670d22157c76abbc7e39571c4c4c2b96d9e63fcade891893346046900e4e0c2d2266
SSDEEP

12288:Wv9RGfqZ2Z3NBDYXZ35g6LyCluJCmAgoA:WvifqZ2voZ35g6Lo0gb

Score

9^/10

discovery evasion

Static task

static1

Behavioral task

behavioral1

Sample

2024-09-19_df979c7b4c8722dcf7603b32da72f520_mafia.exe

Resource

win7-20240903-en

discovery evasion

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-09-19_df979c7b4c8722dcf7603b32da72f520_mafia.exe

Resource

win10v2004-20240802-en

discovery evasion

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-09-19_df979c7b4c8722dcf7603b32da72f520_mafia
- Size
  
  509KB
- MD5
  
  df979c7b4c8722dcf7603b32da72f520
- SHA1
  
  39d7d26bbe52eb31773cea2cef2efca42d7394dd
- SHA256
  
  c0c85d92d3e13ab8f3500a2001fe16f371ab2e2f685b82e1477de6c3b7e7d083
- SHA512
  
  1d9a8fce66211f6482230643b22a0d4e5f303d0d97b665fdd13bd5192c16670d22157c76abbc7e39571c4c4c2b96d9e63fcade891893346046900e4e0c2d2266
- SSDEEP
  
  12288:Wv9RGfqZ2Z3NBDYXZ35g6LyCluJCmAgoA:WvifqZ2voZ35g6Lo0gb
Score

9^/10

discovery evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion

© 2018-2025

Terms | Privacy