General

  • Target

    f9e6ab0561dd77f4eb3fbecd567bc90051d61844b8cdbd239324899fbae50263

  • Size

    394KB

  • Sample

    221031-e6z8ssahfn

  • MD5

    7ac7e51e2687cd03650a91aff4949837

  • SHA1

    59c6ceb2727b30d76d197107e4b0c4a5527ab19b

  • SHA256

    f9e6ab0561dd77f4eb3fbecd567bc90051d61844b8cdbd239324899fbae50263

  • SHA512

    c7bfc291f3ea98e1e68106904f7b306e8b1bc31582a7f77e98e729b6018e9e6756d33b2869865225104d0cc3f6b0ea90b70c62c73faf97f0ee8895272c72dc8c

  • SSDEEP

    6144:0hYVz4L472IMIEp7d9JiStvhz5AYiYCTsPcijrG7ITsq:0hYec72B1JimhiYCTsPV3G7

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • NyMaim

      NyMaim is malware written in C++ with various capabilities, first seen in 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
