93ed0f50245532143857a91972cec7858bff72933bdc625529d3aee88e2e44ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-11_4f9610658fb390f8f7de6dbb0e6a94a4_mafia_nionspy
Size

280KB
Sample

240211-tvaakahf61
MD5

4f9610658fb390f8f7de6dbb0e6a94a4
SHA1

4288ea314c50f6f5f389a59234f5f243cab324d1
SHA256

93ed0f50245532143857a91972cec7858bff72933bdc625529d3aee88e2e44ff
SHA512

97228a80e16a99cac476862a5d7a615f5e2adbbe2af1a03892f1903873c950286c813ca9a262f9dd30e076de4256e97f17c3d0180ea0504073683d813e5dde86
SSDEEP

6144:FsTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:FsTBPFV0RyWl3h2E+7pl

Score

7^/10

Malware Config

Targets

- Target
  
  2024-02-11_4f9610658fb390f8f7de6dbb0e6a94a4_mafia_nionspy
- Size
  
  280KB
- MD5
  
  4f9610658fb390f8f7de6dbb0e6a94a4
- SHA1
  
  4288ea314c50f6f5f389a59234f5f243cab324d1
- SHA256
  
  93ed0f50245532143857a91972cec7858bff72933bdc625529d3aee88e2e44ff
- SHA512
  
  97228a80e16a99cac476862a5d7a615f5e2adbbe2af1a03892f1903873c950286c813ca9a262f9dd30e076de4256e97f17c3d0180ea0504073683d813e5dde86
- SSDEEP
  
  6144:FsTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:FsTBPFV0RyWl3h2E+7pl
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2