Overview

overview

7

Static

static

3

2024-02-18...py.exe

windows7-x64

7

2024-02-18...py.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-02-18_af951e61e5b76c723c7f33e31633ac7c_mafia_nionspy

  • Size

    344KB

  • Sample

    240218-ec181ade4t

  • MD5

    af951e61e5b76c723c7f33e31633ac7c

  • SHA1

    bedae656827b3b80da83090be3f9a1a4878052f5

  • SHA256

    de8aa7bc6ee00cd2003992d67bcbda0ab327478fc1c5cdd6477b1128f6ecd11d

  • SHA512

    a8582aa9497e7af97c4a6622c478048870277bce48a4e4bdb0cda928cd783e207c716b060969e0f251943f5bb407b06069408e17524553e3c06a8c075149400e

  • SSDEEP

    6144:NTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:NTBPFV0RyWl3h2E+7pYm0

Score
7/10

Malware Config

Targets

    • Target

      2024-02-18_af951e61e5b76c723c7f33e31633ac7c_mafia_nionspy

    • Size

      344KB

    • MD5

      af951e61e5b76c723c7f33e31633ac7c

    • SHA1

      bedae656827b3b80da83090be3f9a1a4878052f5

    • SHA256

      de8aa7bc6ee00cd2003992d67bcbda0ab327478fc1c5cdd6477b1128f6ecd11d

    • SHA512

      a8582aa9497e7af97c4a6622c478048870277bce48a4e4bdb0cda928cd783e207c716b060969e0f251943f5bb407b06069408e17524553e3c06a8c075149400e

    • SSDEEP

      6144:NTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:NTBPFV0RyWl3h2E+7pYm0

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks