8a521e5b7fd0b754a64bd5ad4ba5450b97c9bcc22b751466faa73957e9ecaa23 | Triage

Sharing

General

Target

2024-04-30_be68dd2aee7b19c03d927d8dd8c41121_mafia_nionspy
Size

280KB
Sample

240430-sbns6she3t
MD5

be68dd2aee7b19c03d927d8dd8c41121
SHA1

80cca647de39ffb5d5222ab585d94ff777e0bc78
SHA256

8a521e5b7fd0b754a64bd5ad4ba5450b97c9bcc22b751466faa73957e9ecaa23
SHA512

923d6766179c75aade6dfc15a13515436e3d7b126407b1481537a00132f630e455567f875dfe2058f32309e9b8fc0d905f743913b7ac45b37f9707c01fdb53eb
SSDEEP

6144:qTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:qTBPFV0RyWl3h2E+7pl

Score

7^/10

Malware Config

Targets

- Target
  
  2024-04-30_be68dd2aee7b19c03d927d8dd8c41121_mafia_nionspy
- Size
  
  280KB
- MD5
  
  be68dd2aee7b19c03d927d8dd8c41121
- SHA1
  
  80cca647de39ffb5d5222ab585d94ff777e0bc78
- SHA256
  
  8a521e5b7fd0b754a64bd5ad4ba5450b97c9bcc22b751466faa73957e9ecaa23
- SHA512
  
  923d6766179c75aade6dfc15a13515436e3d7b126407b1481537a00132f630e455567f875dfe2058f32309e9b8fc0d905f743913b7ac45b37f9707c01fdb53eb
- SSDEEP
  
  6144:qTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:qTBPFV0RyWl3h2E+7pl
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2