General

  • Target

    2024-04-21_b6e769d9a6a547d496e2b0b1ee853fe7_mafia_nionspy

  • Size

    344KB

  • Sample

    240421-ecl43sae5v

  • MD5

    b6e769d9a6a547d496e2b0b1ee853fe7

  • SHA1

    6b3f51757902dda538ce805e92d5927cd25e82eb

  • SHA256

    038275012a46fd0c0fd07e2350ed8f681619e99912811b0573ff8a2da5126e8a

  • SHA512

    445a2bf51afb3c68c038944ff6ad07bc641e02bbb934a4ad828be0453c39785f82ac603ef318ae05f402a378cebf2d11e81b87bcc250c2fc000f682511bebe6c

  • SSDEEP

    6144:GTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:GTBPFV0RyWl3h2E+7pYm0

Score
7/10

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
