General

  • Target

    2024-06-05_07f8d8e35c6c58d189387594be4a800d_mafia_nionspy

  • Size

    344KB

  • Sample

    240605-fe1wpafe23

  • MD5

    07f8d8e35c6c58d189387594be4a800d

  • SHA1

    b6123a73865864af5f9e56856920ef55ed4cd726

  • SHA256

    a34f9a3526581b2e00a52e5aac304c5d90acfc990fd398a4d52d564ff97ad665

  • SHA512

    6674c541dab7d8f7943c23d2fcdf82cca485f898fa2516f01ab6a17120aafc7ac6f83d7f05c27211c143b89d8d83cb99d120c27c1b8349945cf465eb9f9c0a3e

  • SSDEEP

    6144:UTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:UTBPFV0RyWl3h2E+7pYm0

Score
7/10

Targets

    • Target

      2024-06-05_07f8d8e35c6c58d189387594be4a800d_mafia_nionspy

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
