b2298d4f7b306604079898d63ace87e9dc5a9c1bbc551f447818b18fa15f7034 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-14_c462147afb2b7baf9767fc4eb39d1896_mafia_nionspy
Size

274KB
Sample

240314-1jvwfsga51
MD5

c462147afb2b7baf9767fc4eb39d1896
SHA1

92eff982e8a6feead2d48bbbb4384f0ba306537f
SHA256

b2298d4f7b306604079898d63ace87e9dc5a9c1bbc551f447818b18fa15f7034
SHA512

2d7b51258a23db205eb1aa04382e4b8cdc82f3840713984565a27b1c6020cc725e7b58e5f3ffc74865d0b9124df83a9c216d022f28e7d17da9a4fa0905ebd0a0
SSDEEP

6144:pYvZ6brUj+bvqHXSpWr2Kqz83Oad3Jg4PlPDIQ+KLzDDg:pYvEbrUjp3SpWggd3JBPlPDIQ3g

Score

7^/10

Malware Config

Targets

- Target
  
  2024-03-14_c462147afb2b7baf9767fc4eb39d1896_mafia_nionspy
- Size
  
  274KB
- MD5
  
  c462147afb2b7baf9767fc4eb39d1896
- SHA1
  
  92eff982e8a6feead2d48bbbb4384f0ba306537f
- SHA256
  
  b2298d4f7b306604079898d63ace87e9dc5a9c1bbc551f447818b18fa15f7034
- SHA512
  
  2d7b51258a23db205eb1aa04382e4b8cdc82f3840713984565a27b1c6020cc725e7b58e5f3ffc74865d0b9124df83a9c216d022f28e7d17da9a4fa0905ebd0a0
- SSDEEP
  
  6144:pYvZ6brUj+bvqHXSpWr2Kqz83Oad3Jg4PlPDIQ+KLzDDg:pYvEbrUjp3SpWggd3JBPlPDIQ3g
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2