d0632826aa89f535eff3d4edf665c883dc38236839574a43ea12577e65202846 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-08_10ee9e7a3e8118d71e15e85a7c78638f_mafia_nionspy
Size

327KB
Sample

240908-nhx8zatbjp
MD5

10ee9e7a3e8118d71e15e85a7c78638f
SHA1

b78c03b55300350d5a9d333de31407868afd6fb0
SHA256

d0632826aa89f535eff3d4edf665c883dc38236839574a43ea12577e65202846
SHA512

888f0a23c462e41a097c3ddc5967b1ac40448f41a12873f0994665f4de7d17a6c2e115b83d51412cfe376467e2dab92ae42454127e0788715f0814b758dc35ef
SSDEEP

6144:o2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG89gkPzDhn2+J:o2TFafJiHCWBWPMjVWrXfn2O

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-08_10ee9e7a3e8118d71e15e85a7c78638f_mafia_nionspy
- Size
  
  327KB
- MD5
  
  10ee9e7a3e8118d71e15e85a7c78638f
- SHA1
  
  b78c03b55300350d5a9d333de31407868afd6fb0
- SHA256
  
  d0632826aa89f535eff3d4edf665c883dc38236839574a43ea12577e65202846
- SHA512
  
  888f0a23c462e41a097c3ddc5967b1ac40448f41a12873f0994665f4de7d17a6c2e115b83d51412cfe376467e2dab92ae42454127e0788715f0814b758dc35ef
- SSDEEP
  
  6144:o2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG89gkPzDhn2+J:o2TFafJiHCWBWPMjVWrXfn2O
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2