56f611122cf4e7afc9dddef6d837ac785bc7d488c0ea7b2d34175427752b90d1 | Triage

Sharing

General

Target

2024-05-08_deb3ddb6ac18607d02ec838424e1c182_mafia_nionspy
Size

280KB
Sample

240508-nl2essac6w
MD5

deb3ddb6ac18607d02ec838424e1c182
SHA1

3d7aed087e91b41efcbe00da536831185e6a5237
SHA256

56f611122cf4e7afc9dddef6d837ac785bc7d488c0ea7b2d34175427752b90d1
SHA512

7457a1664733f1aad6b0a9f21cf0cd43dbc398b9d098c6e1d423964a6cb27d62fca76d82dcc27e8f92c1f6be19db8a9cda1390ccc3034e6084ec0f3085548929
SSDEEP

6144:VQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:VQMyfmNFHfnWfhLZVHmOog

Score

7^/10

Malware Config

Targets

- Target
  
  2024-05-08_deb3ddb6ac18607d02ec838424e1c182_mafia_nionspy
- Size
  
  280KB
- MD5
  
  deb3ddb6ac18607d02ec838424e1c182
- SHA1
  
  3d7aed087e91b41efcbe00da536831185e6a5237
- SHA256
  
  56f611122cf4e7afc9dddef6d837ac785bc7d488c0ea7b2d34175427752b90d1
- SHA512
  
  7457a1664733f1aad6b0a9f21cf0cd43dbc398b9d098c6e1d423964a6cb27d62fca76d82dcc27e8f92c1f6be19db8a9cda1390ccc3034e6084ec0f3085548929
- SSDEEP
  
  6144:VQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:VQMyfmNFHfnWfhLZVHmOog
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2