f17bb0197c25acacf3062a501d3dff3fe7ad91dc09ecef69e0edfba69636573c | Triage

Sharing

General

Target

2024-05-02_73e5a00a5f06aa7337b7dd9643f3cb9b_mafia_nionspy
Size

348KB
Sample

240502-enxd7agd4x
MD5

73e5a00a5f06aa7337b7dd9643f3cb9b
SHA1

2dd86b33881c6a8519e4d1d033f1a3b4326aad45
SHA256

f17bb0197c25acacf3062a501d3dff3fe7ad91dc09ecef69e0edfba69636573c
SHA512

6215c47ac25efad790acc82d00e9c8a54d889ea8cd1860cb130e044226250d2a190c1d777d82bc808278ca260f6fe00c684900a382665f2120b843f0e4c7ea63
SSDEEP

6144:e2+JS2sFZfI8U0obHCW/2a7XQcsPMjVWr289gkPzDhmv:e2TFZfJiHCWBWPMjVWrHfmv

Score

7^/10

Malware Config

Targets

- Target
  
  2024-05-02_73e5a00a5f06aa7337b7dd9643f3cb9b_mafia_nionspy
- Size
  
  348KB
- MD5
  
  73e5a00a5f06aa7337b7dd9643f3cb9b
- SHA1
  
  2dd86b33881c6a8519e4d1d033f1a3b4326aad45
- SHA256
  
  f17bb0197c25acacf3062a501d3dff3fe7ad91dc09ecef69e0edfba69636573c
- SHA512
  
  6215c47ac25efad790acc82d00e9c8a54d889ea8cd1860cb130e044226250d2a190c1d777d82bc808278ca260f6fe00c684900a382665f2120b843f0e4c7ea63
- SSDEEP
  
  6144:e2+JS2sFZfI8U0obHCW/2a7XQcsPMjVWr289gkPzDhmv:e2TFZfJiHCWBWPMjVWrHfmv
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2