Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    file

  • Size

    1.5MB

  • Sample

    221125-m6f4xsff5z

  • MD5

    3ec8cc709e2c6c399995935a26b1424c

  • SHA1

    e326e1dc24819ff6b2833452b38598c943c62197

  • SHA256

    43918d8c4473265ec9b69efd8070a14e6732bafb4e7dd39f26213217c26e9796

  • SHA512

    b59a4414d9bebffad20d4c0ecd2b19ab42a8734333826c9d0447003e2536f41baefcce8537719264c5c10ee88a36ff29fc0db2e6a02a03bdd914ec87678569bc

  • SSDEEP

    24576:Bizcbc+fYNbvGln0RPYdctjmb+3G2UQeIFB+4Bz1U9vetEckQjj/jCsvdfaY6z7O:qkffYNjen0RMc9mSCi+4ZtV/3/2svdfj

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      file

    • Size

      1.5MB

    • MD5

      3ec8cc709e2c6c399995935a26b1424c

    • SHA1

      e326e1dc24819ff6b2833452b38598c943c62197

    • SHA256

      43918d8c4473265ec9b69efd8070a14e6732bafb4e7dd39f26213217c26e9796

    • SHA512

      b59a4414d9bebffad20d4c0ecd2b19ab42a8734333826c9d0447003e2536f41baefcce8537719264c5c10ee88a36ff29fc0db2e6a02a03bdd914ec87678569bc

    • SSDEEP

      24576:Bizcbc+fYNbvGln0RPYdctjmb+3G2UQeIFB+4Bz1U9vetEckQjj/jCsvdfaY6z7O:qkffYNjen0RMc9mSCi+4ZtV/3/2svdfj

    Score
    10/10
    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks