c80aada7ae9c8830ad508e7691aa339a34446e29cf282f8eab4e723899370c66 | Triage

Sharing

General

Target

2024-01-23_61544ce0682185feb9a52dcbf201815f_mafia_nionspy
Size

288KB
Sample

240123-g8bdkagbdl
MD5

61544ce0682185feb9a52dcbf201815f
SHA1

547c1dcf9e89b6becf5c3e16fd2604e45a644cfb
SHA256

c80aada7ae9c8830ad508e7691aa339a34446e29cf282f8eab4e723899370c66
SHA512

68563d6a3f48447fc6736529b8a6c8d89801afaebe2ea590c2e7d3f43e9d2dbcb850696d7f1d2aa5d76ad955d9fac30d2657ae3be6892a8e156154ed173e6e13
SSDEEP

6144:sQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:sQMyfmNFHfnWfhLZVHmOog

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-23_61544ce0682185feb9a52dcbf201815f_mafia_nionspy
- Size
  
  288KB
- MD5
  
  61544ce0682185feb9a52dcbf201815f
- SHA1
  
  547c1dcf9e89b6becf5c3e16fd2604e45a644cfb
- SHA256
  
  c80aada7ae9c8830ad508e7691aa339a34446e29cf282f8eab4e723899370c66
- SHA512
  
  68563d6a3f48447fc6736529b8a6c8d89801afaebe2ea590c2e7d3f43e9d2dbcb850696d7f1d2aa5d76ad955d9fac30d2657ae3be6892a8e156154ed173e6e13
- SSDEEP
  
  6144:sQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:sQMyfmNFHfnWfhLZVHmOog
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2