75b03138024fc3a92218a572ab7ca1fe460e4e7c2da68bc64af0e8b9f3959a2c | Triage

Sharing

General

Target

2024-05-20_77a1acec0440b43d179a0b4e331a32de_mafia_nionspy
Size

344KB
Sample

240520-r9rr2sfc4w
MD5

77a1acec0440b43d179a0b4e331a32de
SHA1

5a7d918b9806f76f4f9dbd0e2e358a1559a54a1a
SHA256

75b03138024fc3a92218a572ab7ca1fe460e4e7c2da68bc64af0e8b9f3959a2c
SHA512

66926868fba007c09bc09b342163df09fb445dc4071d996a2d67136b9ab51e8cb43b46965715d23617e1537d41b71ecf6d9ebafcef32c6f17ad24dbc42bfeaa7
SSDEEP

6144:ITz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:ITBPFV0RyWl3h2E+7pYm0

Score

7^/10

Malware Config

Targets

- Target
  
  2024-05-20_77a1acec0440b43d179a0b4e331a32de_mafia_nionspy
- Size
  
  344KB
- MD5
  
  77a1acec0440b43d179a0b4e331a32de
- SHA1
  
  5a7d918b9806f76f4f9dbd0e2e358a1559a54a1a
- SHA256
  
  75b03138024fc3a92218a572ab7ca1fe460e4e7c2da68bc64af0e8b9f3959a2c
- SHA512
  
  66926868fba007c09bc09b342163df09fb445dc4071d996a2d67136b9ab51e8cb43b46965715d23617e1537d41b71ecf6d9ebafcef32c6f17ad24dbc42bfeaa7
- SSDEEP
  
  6144:ITz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:ITBPFV0RyWl3h2E+7pYm0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2