b980e54de21ddb3c6de20bd273d593bd3167aa82c149d3ed21a5fd2213ca01c1 | Triage

Sharing

General

Target

2024-02-13_c53b1eea7aedddcef2c7b5377f48ca67_mafia_nionspy
Size

344KB
Sample

240213-g3dazacf42
MD5

c53b1eea7aedddcef2c7b5377f48ca67
SHA1

69fbeccf35b60cb3a188f7db5a7f62789dfe6aa1
SHA256

b980e54de21ddb3c6de20bd273d593bd3167aa82c149d3ed21a5fd2213ca01c1
SHA512

69db3623da94f3f493481782c3cde245f97cb2281788106b8a86cdf06bbfa963fa340e12d0ea900f68d3a1824b1f00190ccebcde1466bca68fea5b67d134e0aa
SSDEEP

6144:LTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:LTBPFV0RyWl3h2E+7pYm0

Score

7^/10

Malware Config

Targets

- Target
  
  2024-02-13_c53b1eea7aedddcef2c7b5377f48ca67_mafia_nionspy
- Size
  
  344KB
- MD5
  
  c53b1eea7aedddcef2c7b5377f48ca67
- SHA1
  
  69fbeccf35b60cb3a188f7db5a7f62789dfe6aa1
- SHA256
  
  b980e54de21ddb3c6de20bd273d593bd3167aa82c149d3ed21a5fd2213ca01c1
- SHA512
  
  69db3623da94f3f493481782c3cde245f97cb2281788106b8a86cdf06bbfa963fa340e12d0ea900f68d3a1824b1f00190ccebcde1466bca68fea5b67d134e0aa
- SSDEEP
  
  6144:LTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:LTBPFV0RyWl3h2E+7pYm0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2