General

  • Target

    2024-01-11_98462100c1d0f5ba0d31c5ccec1d4e6c_mafia_nionspy

  • Size

    280KB

  • Sample

    240112-gr1xwshdfn

  • MD5

    98462100c1d0f5ba0d31c5ccec1d4e6c

  • SHA1

    c294aed020960fc3966830a743b0a95c6ff89317

  • SHA256

    63845e9634a6e29a742672bf3f8839042e3ba5e555a4721fb0ddd36b12d44636

  • SHA512

    2115fa9cc02f20e7f487d5eb87b14893228e6606f308b862c648c8471c3039194b4cc41abfa32fa7dad29a7e173aa36014bc900c5aa03530da9894c95f170489

  • SSDEEP

    6144:/Tz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:/TBPFV0RyWl3h2E+7pl

Score
7/10

Targets

    • Target

      2024-01-11_98462100c1d0f5ba0d31c5ccec1d4e6c_mafia_nionspy

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
