1254185056f708c61f7d142f2515818d76684216567f9d46704a9b0f8ec875ca | Triage

Sharing

General

Target

2024-01-29_d1c0721bfccd7fd761e2860587cafa8d_mafia_nionspy
Size

328KB
Sample

240129-t5nwpsfgbq
MD5

d1c0721bfccd7fd761e2860587cafa8d
SHA1

05318669bf9031d2704ae436bea971db5daddeca
SHA256

1254185056f708c61f7d142f2515818d76684216567f9d46704a9b0f8ec875ca
SHA512

096f30bc3e078073c3da82aebdf73a74e91dd43830f4637ff1d4f481e7a24c79503bedacf3a719760498fccb71ab3835aaceb0eb0a1017f2cc93885b6caf51db
SSDEEP

6144:n2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG89gkPzDh1v:n2TFafJiHCWBWPMjVWrXf1v

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-29_d1c0721bfccd7fd761e2860587cafa8d_mafia_nionspy
- Size
  
  328KB
- MD5
  
  d1c0721bfccd7fd761e2860587cafa8d
- SHA1
  
  05318669bf9031d2704ae436bea971db5daddeca
- SHA256
  
  1254185056f708c61f7d142f2515818d76684216567f9d46704a9b0f8ec875ca
- SHA512
  
  096f30bc3e078073c3da82aebdf73a74e91dd43830f4637ff1d4f481e7a24c79503bedacf3a719760498fccb71ab3835aaceb0eb0a1017f2cc93885b6caf51db
- SSDEEP
  
  6144:n2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG89gkPzDh1v:n2TFafJiHCWBWPMjVWrXf1v
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2