General

  • Target

    2024-10-14_c76633fe6a54a5cf654c5f94aebb7e59_mafia

  • Size

    4.1MB

  • Sample

    241014-dsppgaxbjg

  • MD5

    c76633fe6a54a5cf654c5f94aebb7e59

  • SHA1

    2c39726cfdd016dd6b63e089b25493a0fae029d1

  • SHA256

    3b39d79e6d45f5d78008647b3e3704fca24c971b322e0933dd9880764171f939

  • SHA512

    b881948f86124fa87710fe9580f3faba8e00cc0dddb288c0acf508a4c91c5a6be4bd9da2515c58b578816bcb663ce847ce4d2166e69d7bab243e2dcf8f683289

  • SSDEEP

    49152:3OPY9+Zj7yp/O5QZuTtS0rQMYOQ+q8CE87ct33Ceflh+1X2EQ4JN/8rx9KFeMq:7MypGWsM0r1QnetnCeflsjQ4JB60Feb

Score
8/10

Targets

    Score
    8/10

    • Drops file in Drivers directory

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Drops file in System32 directory
