43ad7b5b98889dde80869c308f806c12eed6dea74d00e44aae00a883c8da455c | Triage

Sharing

General

Target

2024-05-20_e74f9822aa60915ec053281ebb5b1f21_mafia_nionspy
Size

274KB
Sample

240520-2ka34saf41
MD5

e74f9822aa60915ec053281ebb5b1f21
SHA1

a78da3d5873df693d372a142b900de309bf38bfb
SHA256

43ad7b5b98889dde80869c308f806c12eed6dea74d00e44aae00a883c8da455c
SHA512

8910a72fcaaf886da756902636cae2373262fb88575e268a81dda5b9326e3be28086034de9ec5dbaff018c4aff62889f46f48e7dd9035fda83da6c4676737642
SSDEEP

6144:KYvZ6brUj+bvqHXSpWr2Kqz83Oad3Jg4PlPDIQ+KLzDDg:KYvEbrUjp3SpWggd3JBPlPDIQ3g

Score

7^/10

Malware Config

Targets

- Target
  
  2024-05-20_e74f9822aa60915ec053281ebb5b1f21_mafia_nionspy
- Size
  
  274KB
- MD5
  
  e74f9822aa60915ec053281ebb5b1f21
- SHA1
  
  a78da3d5873df693d372a142b900de309bf38bfb
- SHA256
  
  43ad7b5b98889dde80869c308f806c12eed6dea74d00e44aae00a883c8da455c
- SHA512
  
  8910a72fcaaf886da756902636cae2373262fb88575e268a81dda5b9326e3be28086034de9ec5dbaff018c4aff62889f46f48e7dd9035fda83da6c4676737642
- SSDEEP
  
  6144:KYvZ6brUj+bvqHXSpWr2Kqz83Oad3Jg4PlPDIQ+KLzDDg:KYvEbrUjp3SpWggd3JBPlPDIQ3g
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2