6a75f20f93fa645bb5ac13c096065757982e1fe56de5b554e73a1f82d2088878 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-14_459bc15c58c059df0449f97d1b5e14d3_mafia_nionspy
Size

280KB
Sample

240214-jjs87aeb39
MD5

459bc15c58c059df0449f97d1b5e14d3
SHA1

5037a5cf6981b0e7b827e1d139b0612016f72a3f
SHA256

6a75f20f93fa645bb5ac13c096065757982e1fe56de5b554e73a1f82d2088878
SHA512

7d31b87880d6502b52fab8d8bd7c4bafe4755ee75fa10d2c574ac2728559860a73d8684cd5138e36288824e9bfa126e6541e5e5b9ba852ab5b678cc368ebfc99
SSDEEP

6144:vTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:vTBPFV0RyWl3h2E+7pl

Score

7^/10

Malware Config

Targets

- Target
  
  2024-02-14_459bc15c58c059df0449f97d1b5e14d3_mafia_nionspy
- Size
  
  280KB
- MD5
  
  459bc15c58c059df0449f97d1b5e14d3
- SHA1
  
  5037a5cf6981b0e7b827e1d139b0612016f72a3f
- SHA256
  
  6a75f20f93fa645bb5ac13c096065757982e1fe56de5b554e73a1f82d2088878
- SHA512
  
  7d31b87880d6502b52fab8d8bd7c4bafe4755ee75fa10d2c574ac2728559860a73d8684cd5138e36288824e9bfa126e6541e5e5b9ba852ab5b678cc368ebfc99
- SSDEEP
  
  6144:vTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:vTBPFV0RyWl3h2E+7pl
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2