dba8590ab484280a8c44283858d5130cf618e679a7aa3b5bd6eddefbae56ada4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-18_9c674549f00de1fafe7e61331ed70436_mafia_nionspy
Size

328KB
Sample

240118-24y92seder
MD5

9c674549f00de1fafe7e61331ed70436
SHA1

780c682d79757be667c0aad60e7806d055431196
SHA256

dba8590ab484280a8c44283858d5130cf618e679a7aa3b5bd6eddefbae56ada4
SHA512

079ef7a0fc2323b2bae093116d20877aa83b162bcf0059c7b445b88451639ddc2d6bcbf451faaabc5ea451ca5965db599d88d7e6770930e36b168d51125c0ccf
SSDEEP

6144:J2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG89gkPzDh1v:J2TFafJiHCWBWPMjVWrXf1v

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-18_9c674549f00de1fafe7e61331ed70436_mafia_nionspy
- Size
  
  328KB
- MD5
  
  9c674549f00de1fafe7e61331ed70436
- SHA1
  
  780c682d79757be667c0aad60e7806d055431196
- SHA256
  
  dba8590ab484280a8c44283858d5130cf618e679a7aa3b5bd6eddefbae56ada4
- SHA512
  
  079ef7a0fc2323b2bae093116d20877aa83b162bcf0059c7b445b88451639ddc2d6bcbf451faaabc5ea451ca5965db599d88d7e6770930e36b168d51125c0ccf
- SSDEEP
  
  6144:J2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG89gkPzDh1v:J2TFafJiHCWBWPMjVWrXf1v
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2