265cf4adc6b9bd39781975fe87cc4b624b9072f7de86cfaf8b86cde0536e7184 | Triage

Sharing

General

Target

2024-05-04_40ced9916caf6ee35620737a15d6985f_mafia_nionspy
Size

288KB
Sample

240504-d1hwwsca6x
MD5

40ced9916caf6ee35620737a15d6985f
SHA1

49ee48f38b9a41124de984dd31a6f2b9d7cccbcc
SHA256

265cf4adc6b9bd39781975fe87cc4b624b9072f7de86cfaf8b86cde0536e7184
SHA512

e599c34873c24c75ed29273e704e662511f9e2955f1923855da2489e7ceb5f978efc43ee23689297fcb0dbb27d2b602575bed5c137fa9da0dd59e979bfaab6c9
SSDEEP

6144:XQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:XQMyfmNFHfnWfhLZVHmOog

Score

7^/10

Malware Config

Targets

- Target
  
  2024-05-04_40ced9916caf6ee35620737a15d6985f_mafia_nionspy
- Size
  
  288KB
- MD5
  
  40ced9916caf6ee35620737a15d6985f
- SHA1
  
  49ee48f38b9a41124de984dd31a6f2b9d7cccbcc
- SHA256
  
  265cf4adc6b9bd39781975fe87cc4b624b9072f7de86cfaf8b86cde0536e7184
- SHA512
  
  e599c34873c24c75ed29273e704e662511f9e2955f1923855da2489e7ceb5f978efc43ee23689297fcb0dbb27d2b602575bed5c137fa9da0dd59e979bfaab6c9
- SSDEEP
  
  6144:XQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:XQMyfmNFHfnWfhLZVHmOog
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2