General
-
Target
2024-04-24_38cccf94fdf7ba21744f5951507ef328_mafia_nionspy
-
Size
280KB
-
Sample
240424-mgybxagg64
-
MD5
38cccf94fdf7ba21744f5951507ef328
-
SHA1
20f1be09b7db08d2ab458d1c1555c1ee094b54e4
-
SHA256
c38b1f9959b417015d48f510149ad69cbc85315ffabbacb43aca98a35d4e7eaa
-
SHA512
959c62b1869534499a1173507725e55a3ef09ce3215fa6828c2105dfed66269b11906ea7077f81b913fcb0a198788d0f86ca1fe839f287e21c292989abb56d5a
-
SSDEEP
6144:LTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:LTBPFV0RyWl3h2E+7pl
Malware Config
Targets
-
-
Target
2024-04-24_38cccf94fdf7ba21744f5951507ef328_mafia_nionspy
-
Size
280KB
-
MD5
38cccf94fdf7ba21744f5951507ef328
-
SHA1
20f1be09b7db08d2ab458d1c1555c1ee094b54e4
-
SHA256
c38b1f9959b417015d48f510149ad69cbc85315ffabbacb43aca98a35d4e7eaa
-
SHA512
959c62b1869534499a1173507725e55a3ef09ce3215fa6828c2105dfed66269b11906ea7077f81b913fcb0a198788d0f86ca1fe839f287e21c292989abb56d5a
-
SSDEEP
6144:LTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:LTBPFV0RyWl3h2E+7pl
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-