1ce69aa478934bb570faffb32ee928adee2b9c7e706533f5d367ceaf7303b82d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-02_807fd7caa474f90131a0a6171fafa10b_mafia_nionspy
Size

280KB
Sample

240802-katn2ayaje
MD5

807fd7caa474f90131a0a6171fafa10b
SHA1

f72a44ab2f3e496c3744ee9902e8d43a4b888465
SHA256

1ce69aa478934bb570faffb32ee928adee2b9c7e706533f5d367ceaf7303b82d
SHA512

5ff5b2e46a6c174062ceaa5911c17e256ab7c39eafd31b0ef17757930b1a44ea4c85d0664c37b21b6f447fdc92283aac23be50992409a1c732d27dc3d7bd3c6f
SSDEEP

6144:xQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:xQMyfmNFHfnWfhLZVHmOog

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-02_807fd7caa474f90131a0a6171fafa10b_mafia_nionspy
- Size
  
  280KB
- MD5
  
  807fd7caa474f90131a0a6171fafa10b
- SHA1
  
  f72a44ab2f3e496c3744ee9902e8d43a4b888465
- SHA256
  
  1ce69aa478934bb570faffb32ee928adee2b9c7e706533f5d367ceaf7303b82d
- SHA512
  
  5ff5b2e46a6c174062ceaa5911c17e256ab7c39eafd31b0ef17757930b1a44ea4c85d0664c37b21b6f447fdc92283aac23be50992409a1c732d27dc3d7bd3c6f
- SSDEEP
  
  6144:xQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:xQMyfmNFHfnWfhLZVHmOog
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2