cdc106446e77f16cd0fd9f4c906add2d348faee232605deeaa7c0124d7aba6aa | Triage

Sharing

General

Target

2024-02-25_764fab95abea783200e9af58d0a9ce63_mafia_nionspy
Size

288KB
Sample

240225-bybnpahg37
MD5

764fab95abea783200e9af58d0a9ce63
SHA1

760e33316201faacfe1e24ff76a5fac5b7235c43
SHA256

cdc106446e77f16cd0fd9f4c906add2d348faee232605deeaa7c0124d7aba6aa
SHA512

36ee6c5ae0e3149276adb3d85da9e8b4fa2cc39e5da1fb4c15e5b830744df8119930625117cf3abb0148893d81c123a309ce475eb5f8d262044705748ad7babf
SSDEEP

6144:HQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:HQMyfmNFHfnWfhLZVHmOog

Score

7^/10

Malware Config

Targets

- Target
  
  2024-02-25_764fab95abea783200e9af58d0a9ce63_mafia_nionspy
- Size
  
  288KB
- MD5
  
  764fab95abea783200e9af58d0a9ce63
- SHA1
  
  760e33316201faacfe1e24ff76a5fac5b7235c43
- SHA256
  
  cdc106446e77f16cd0fd9f4c906add2d348faee232605deeaa7c0124d7aba6aa
- SHA512
  
  36ee6c5ae0e3149276adb3d85da9e8b4fa2cc39e5da1fb4c15e5b830744df8119930625117cf3abb0148893d81c123a309ce475eb5f8d262044705748ad7babf
- SSDEEP
  
  6144:HQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:HQMyfmNFHfnWfhLZVHmOog
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2