070c57738118921f43e81bf77ec5943336b7e402fa91ffd0d0919ca0974b637e | Triage

Sharing

General

Target

2024-05-07_7c118987b64d80d6bf0b9cb1e5c4e81b_mafia_nionspy
Size

280KB
Sample

240507-mzyemach51
MD5

7c118987b64d80d6bf0b9cb1e5c4e81b
SHA1

7fdd96e3069188d339542f72e3567d0d2dfdece5
SHA256

070c57738118921f43e81bf77ec5943336b7e402fa91ffd0d0919ca0974b637e
SHA512

f573f880a14d38a2d071b7881068abe95ac348a0d858ee14ac2d52c7d5ba833906e6754618ed717121a58d2b99e66b9e1d0a8d98e985f697e8fdd170fa352be2
SSDEEP

6144:MTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:MTBPFV0RyWl3h2E+7pl

Score

7^/10

Malware Config

Targets

- Target
  
  2024-05-07_7c118987b64d80d6bf0b9cb1e5c4e81b_mafia_nionspy
- Size
  
  280KB
- MD5
  
  7c118987b64d80d6bf0b9cb1e5c4e81b
- SHA1
  
  7fdd96e3069188d339542f72e3567d0d2dfdece5
- SHA256
  
  070c57738118921f43e81bf77ec5943336b7e402fa91ffd0d0919ca0974b637e
- SHA512
  
  f573f880a14d38a2d071b7881068abe95ac348a0d858ee14ac2d52c7d5ba833906e6754618ed717121a58d2b99e66b9e1d0a8d98e985f697e8fdd170fa352be2
- SSDEEP
  
  6144:MTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:MTBPFV0RyWl3h2E+7pl
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2