2bc4c34f17b1e5d8dd7f8260e485ad3e905dd7e7b37409575b96cfb4f460dd95 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-09_2c1e8b2fd2767df6807d43ddcef6b370_mafia_nionspy
Size

328KB
Sample

240509-bq8cpaae6w
MD5

2c1e8b2fd2767df6807d43ddcef6b370
SHA1

fc3ba30e2d112de6b8a518268fd860c4567b9f57
SHA256

2bc4c34f17b1e5d8dd7f8260e485ad3e905dd7e7b37409575b96cfb4f460dd95
SHA512

cf82048aed963e64bbef69cf87d2d211f75c1fc0c2e813873cae003d931d17d74d5654ac844e3a690c91deda8a8b0af3e81edaf614186a0b164ac42c2b059a7d
SSDEEP

6144:U2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG89gkPzDh1v:U2TFafJiHCWBWPMjVWrXf1v

Score

7^/10

Malware Config

Targets

- Target
  
  2024-05-09_2c1e8b2fd2767df6807d43ddcef6b370_mafia_nionspy
- Size
  
  328KB
- MD5
  
  2c1e8b2fd2767df6807d43ddcef6b370
- SHA1
  
  fc3ba30e2d112de6b8a518268fd860c4567b9f57
- SHA256
  
  2bc4c34f17b1e5d8dd7f8260e485ad3e905dd7e7b37409575b96cfb4f460dd95
- SHA512
  
  cf82048aed963e64bbef69cf87d2d211f75c1fc0c2e813873cae003d931d17d74d5654ac844e3a690c91deda8a8b0af3e81edaf614186a0b164ac42c2b059a7d
- SSDEEP
  
  6144:U2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG89gkPzDh1v:U2TFafJiHCWBWPMjVWrXf1v
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2