e42f682d406574d97a1377c43bc617bcddbfce50edc670a64b6b1520557e6335 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-03_dc7dc06593bc3a76f151a3a308b20b68_mafia_nionspy
Size

328KB
Sample

240903-przntswgrn
MD5

dc7dc06593bc3a76f151a3a308b20b68
SHA1

97b28be602c323451402821a68282d615e22d488
SHA256

e42f682d406574d97a1377c43bc617bcddbfce50edc670a64b6b1520557e6335
SHA512

c3d635c4602b429977a34955c26139ab13964897fe35065ca9055d85b4889ce3f43625bc76b313a0c63f70dc89129541de494be318b8df446f4e939bd5ed734e
SSDEEP

6144:wn2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG89gkPzDh1v:wn2TFafJiHCWBWPMjVWrXf1v

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-03_dc7dc06593bc3a76f151a3a308b20b68_mafia_nionspy
- Size
  
  328KB
- MD5
  
  dc7dc06593bc3a76f151a3a308b20b68
- SHA1
  
  97b28be602c323451402821a68282d615e22d488
- SHA256
  
  e42f682d406574d97a1377c43bc617bcddbfce50edc670a64b6b1520557e6335
- SHA512
  
  c3d635c4602b429977a34955c26139ab13964897fe35065ca9055d85b4889ce3f43625bc76b313a0c63f70dc89129541de494be318b8df446f4e939bd5ed734e
- SSDEEP
  
  6144:wn2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG89gkPzDh1v:wn2TFafJiHCWBWPMjVWrXf1v
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2