d9b8a60350cdace6721b3c84d064f1109b149402e5540b273ee20c9c9865190b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-24_9c6d505c3b7d49b9936447d4d77a039f_mafia_nionspy
Size

288KB
Sample

240224-a5tx6sdc97
MD5

9c6d505c3b7d49b9936447d4d77a039f
SHA1

2d2a16545ca5ea91e13e207c54c09840f338630a
SHA256

d9b8a60350cdace6721b3c84d064f1109b149402e5540b273ee20c9c9865190b
SHA512

9e8f0e5cd96393a3c68932f0373a147d7d9a7ce1a30b23e110bceee696fc9fe77d07595eb23412640a7d3bdb70a2e0d75a61bf84972a0acf2a91c0d5d3dc1c6a
SSDEEP

6144:jQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:jQMyfmNFHfnWfhLZVHmOog

Score

7^/10

Malware Config

Targets

- Target
  
  2024-02-24_9c6d505c3b7d49b9936447d4d77a039f_mafia_nionspy
- Size
  
  288KB
- MD5
  
  9c6d505c3b7d49b9936447d4d77a039f
- SHA1
  
  2d2a16545ca5ea91e13e207c54c09840f338630a
- SHA256
  
  d9b8a60350cdace6721b3c84d064f1109b149402e5540b273ee20c9c9865190b
- SHA512
  
  9e8f0e5cd96393a3c68932f0373a147d7d9a7ce1a30b23e110bceee696fc9fe77d07595eb23412640a7d3bdb70a2e0d75a61bf84972a0acf2a91c0d5d3dc1c6a
- SSDEEP
  
  6144:jQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:jQMyfmNFHfnWfhLZVHmOog
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2