Static task
static1
Behavioral task
behavioral1
Sample
2024-07-08_a69c6619f8e3835a2e88e11811c6d728_mafia_nionspy.exe
Behavioral task
behavioral2
Sample
2024-07-08_a69c6619f8e3835a2e88e11811c6d728_mafia_nionspy.exe
General
-
Target
2024-07-08_a69c6619f8e3835a2e88e11811c6d728_mafia_nionspy
-
Size
279KB
-
MD5
a69c6619f8e3835a2e88e11811c6d728
-
SHA1
5df2673624b82d10974dec38139ee71168ca2a4d
-
SHA256
68a94aa8e7a438e4db36884884b9edef187aa3bb6943c17456f47aaab2ad7151
-
SHA512
b357ace4044cd6e155637a0723dec34e33e3ef43c06ff74680a75ea5a6b1fb9e0bbbc116008ebf498d7c71eac34eb07ad60f219127990fa518cde95205f28bcf
-
SSDEEP
6144:lTz+WrPFZvTXb4RyW42vFlOloh2E+7phg7ozD:lTBPFV0RyWl3h2E+7ph
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-07-08_a69c6619f8e3835a2e88e11811c6d728_mafia_nionspy
Files
-
2024-07-08_a69c6619f8e3835a2e88e11811c6d728_mafia_nionspy.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 218KB - Virtual size: 217KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ