1d14a0e76ce31ee0c6cd68d4cbde27d64553d1976a09988438f6e54f7b0459c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-15_51a1f70b1e69978709e01e759ee72033_mafia_nionspy
Size

344KB
Sample

240415-dxw94sdd36
MD5

51a1f70b1e69978709e01e759ee72033
SHA1

798812e76b09969de9c5651418d57eadc8368fd1
SHA256

1d14a0e76ce31ee0c6cd68d4cbde27d64553d1976a09988438f6e54f7b0459c0
SHA512

10cdd08ac450b413aa62fe21bf50350743a3d82d096610004d76b3b1f1c52267cc77a7a8d86c7c85c5c16738d66d2a3de033f81beb0b3eae501425225fc8053d
SSDEEP

6144:kTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:kTBPFV0RyWl3h2E+7pYm0

Score

7^/10

Malware Config

Targets

- Target
  
  2024-04-15_51a1f70b1e69978709e01e759ee72033_mafia_nionspy
- Size
  
  344KB
- MD5
  
  51a1f70b1e69978709e01e759ee72033
- SHA1
  
  798812e76b09969de9c5651418d57eadc8368fd1
- SHA256
  
  1d14a0e76ce31ee0c6cd68d4cbde27d64553d1976a09988438f6e54f7b0459c0
- SHA512
  
  10cdd08ac450b413aa62fe21bf50350743a3d82d096610004d76b3b1f1c52267cc77a7a8d86c7c85c5c16738d66d2a3de033f81beb0b3eae501425225fc8053d
- SSDEEP
  
  6144:kTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:kTBPFV0RyWl3h2E+7pYm0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2