ac12abcdc46becec1d63bedcc2b5268cd0c3f485ba94d2990071f88b1535127a | Triage

Sharing

General

Target

2023-08-27_4c061cbe09a61d277a7ca3ad572d0190_mafia_nionspy_JC.exe
Size

288KB
Sample

231002-xf7jasfe74
MD5

4c061cbe09a61d277a7ca3ad572d0190
SHA1

88f6c775461903f9379e85242921e96cbdd67ef5
SHA256

ac12abcdc46becec1d63bedcc2b5268cd0c3f485ba94d2990071f88b1535127a
SHA512

500e233f162e7e8c2abdc1aa269131820f4f2273135114adf23272871b9a35cf7465a2224aa079aedbf285651e8ba3897a87553a8a047b15d9e714dc8343aa81
SSDEEP

6144:2Q+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:2QMyfmNFHfnWfhLZVHmOog

Score

7^/10

Malware Config

Targets

- Target
  
  2023-08-27_4c061cbe09a61d277a7ca3ad572d0190_mafia_nionspy_JC.exe
- Size
  
  288KB
- MD5
  
  4c061cbe09a61d277a7ca3ad572d0190
- SHA1
  
  88f6c775461903f9379e85242921e96cbdd67ef5
- SHA256
  
  ac12abcdc46becec1d63bedcc2b5268cd0c3f485ba94d2990071f88b1535127a
- SHA512
  
  500e233f162e7e8c2abdc1aa269131820f4f2273135114adf23272871b9a35cf7465a2224aa079aedbf285651e8ba3897a87553a8a047b15d9e714dc8343aa81
- SSDEEP
  
  6144:2Q+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:2QMyfmNFHfnWfhLZVHmOog
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2