General

  • Target

    2024-10-03_96b12aefc7c2376dd6d1194a600d0323_mafia_stonedrill

  • Size

    387KB

  • Sample

    241003-jl4gyawcnf

  • MD5

    96b12aefc7c2376dd6d1194a600d0323

  • SHA1

    191ead2c228c4b75817a39601532bde648786748

  • SHA256

    5ee79e4c6e89e7921a4d61c0c51fce1bda4d9be8d3f43546a9c4232d411a638b

  • SHA512

    51ba3585b2e440e5eac431d24e8546f92006edd8cd1f270aadb2e1286b7b39e03254c17ffc164fdcd46b7cd26c057e2698264b7eb3c43f210a40c6f0ee19d045

  • SSDEEP

    12288:BqYXje0DF9k64/QSywqP0T8oIN1AHDFhY25fC2WF9s5204P:BqYDF9k64/Q9j28okAHDHY25fC2WF9sS

Malware Config

Targets

    • Target

      2024-10-03_96b12aefc7c2376dd6d1194a600d0323_mafia_stonedrill

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks