f4dec71d5d383ed54bab41d1a8b09545d813da4599acc2cada5911265d4fa722 | Triage

Sharing

General

Target

2024-03-07_2682c5d298bf1e60d37ad6e7b4f611b5_mafia_nionspy
Size

344KB
Sample

240307-dzbq7adh23
MD5

2682c5d298bf1e60d37ad6e7b4f611b5
SHA1

39039383f26c10a648cfab82e624e5e713a581a7
SHA256

f4dec71d5d383ed54bab41d1a8b09545d813da4599acc2cada5911265d4fa722
SHA512

4c8f0fb45f794ee4612cc2cbcb4a82b98b7090262786c321e42a79b2f3a8b4b8ad638fb1456c6d204068c9b7f77fb7156a04190721b65d02f5b1f3f40d2867e7
SSDEEP

6144:ZTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:ZTBPFV0RyWl3h2E+7pYm0

Score

7^/10

Malware Config

Targets

- Target
  
  2024-03-07_2682c5d298bf1e60d37ad6e7b4f611b5_mafia_nionspy
- Size
  
  344KB
- MD5
  
  2682c5d298bf1e60d37ad6e7b4f611b5
- SHA1
  
  39039383f26c10a648cfab82e624e5e713a581a7
- SHA256
  
  f4dec71d5d383ed54bab41d1a8b09545d813da4599acc2cada5911265d4fa722
- SHA512
  
  4c8f0fb45f794ee4612cc2cbcb4a82b98b7090262786c321e42a79b2f3a8b4b8ad638fb1456c6d204068c9b7f77fb7156a04190721b65d02f5b1f3f40d2867e7
- SSDEEP
  
  6144:ZTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:ZTBPFV0RyWl3h2E+7pYm0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2