General

  • Target

    2024-03-05_dbb0e67af081f4e52c04f5999c435f5c_mafia_nionspy

  • Size

    280KB

  • Sample

    240305-xa3yxsea2s

  • MD5

    dbb0e67af081f4e52c04f5999c435f5c

  • SHA1

    d2b1286524539db5082ca9393d9091cbf77a4e0e

  • SHA256

    138ed35439f9f9f4b9933917ece4bd66a0756b9e252c09093648b0fd39a14119

  • SHA512

    68ef3c13accb31c7e6c97d32a7df674da248d80f2c2f87d58180d92b56c03c3ee3f005cff95559cc02ea3aa64d84dfc35be7e36d038b61fff818903c8b0e2321

  • SSDEEP

    6144:UTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:UTBPFV0RyWl3h2E+7pl

Score
7/10

Targets

    • Target

      2024-03-05_dbb0e67af081f4e52c04f5999c435f5c_mafia_nionspy

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
