5286df4aa0507d25c09590b2ad83a84505f4383e418653d899d155967790cf50 | Triage

Sharing

General

Target

2024-01-11_41ea118a98de64213fbfea98e8a8d838_mafia_nionspy
Size

344KB
Sample

240112-gn3bjsgddq
MD5

41ea118a98de64213fbfea98e8a8d838
SHA1

62504b08c719df19fb16477f77a2892a4ae25b49
SHA256

5286df4aa0507d25c09590b2ad83a84505f4383e418653d899d155967790cf50
SHA512

294dec89e50860ae09bd53f70513f9cdc4b3c07d258d304682c07a2a4c4f9521a201b97707bc50626be580875eaad6b82f8e40ee24fbfbe6008d10f697fb7885
SSDEEP

6144:3Tz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:3TBPFV0RyWl3h2E+7pYm0

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-11_41ea118a98de64213fbfea98e8a8d838_mafia_nionspy
- Size
  
  344KB
- MD5
  
  41ea118a98de64213fbfea98e8a8d838
- SHA1
  
  62504b08c719df19fb16477f77a2892a4ae25b49
- SHA256
  
  5286df4aa0507d25c09590b2ad83a84505f4383e418653d899d155967790cf50
- SHA512
  
  294dec89e50860ae09bd53f70513f9cdc4b3c07d258d304682c07a2a4c4f9521a201b97707bc50626be580875eaad6b82f8e40ee24fbfbe6008d10f697fb7885
- SSDEEP
  
  6144:3Tz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:3TBPFV0RyWl3h2E+7pYm0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2