d54d35bfdc2cf48b6441ee7d817bf7aacc77f1dd4e77164a382b6818a09f647b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-06_e030af86c6c0e1f49ac82345fdedd728_mafia_nionspy
Size

274KB
Sample

240606-x9ny2sbh92
MD5

e030af86c6c0e1f49ac82345fdedd728
SHA1

5e596f283d7d07c2252efcd50a02920b4f0f3da1
SHA256

d54d35bfdc2cf48b6441ee7d817bf7aacc77f1dd4e77164a382b6818a09f647b
SHA512

b5a2f5fadf3d2d1b9c71d5f8ee9b3e765a9f43555f6d375fb1a01b5e52183b717cbece1e0e66d4528bafb34ee0101811f0eec16f70afc09d053aa9f9d22bd555
SSDEEP

6144:2YvZ6brUj+bvqHXSpWr2Kqz83Oad3Jg4PlPDIQ+KLzDDg:2YvEbrUjp3SpWggd3JBPlPDIQ3g

Score

7^/10

Malware Config

Targets

- Target
  
  2024-06-06_e030af86c6c0e1f49ac82345fdedd728_mafia_nionspy
- Size
  
  274KB
- MD5
  
  e030af86c6c0e1f49ac82345fdedd728
- SHA1
  
  5e596f283d7d07c2252efcd50a02920b4f0f3da1
- SHA256
  
  d54d35bfdc2cf48b6441ee7d817bf7aacc77f1dd4e77164a382b6818a09f647b
- SHA512
  
  b5a2f5fadf3d2d1b9c71d5f8ee9b3e765a9f43555f6d375fb1a01b5e52183b717cbece1e0e66d4528bafb34ee0101811f0eec16f70afc09d053aa9f9d22bd555
- SSDEEP
  
  6144:2YvZ6brUj+bvqHXSpWr2Kqz83Oad3Jg4PlPDIQ+KLzDDg:2YvEbrUjp3SpWggd3JBPlPDIQ3g
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2