General

  • Target

    file.exe

  • Size

    1.9MB

  • Sample

    221229-pfgnwagb5v

  • MD5

    ba1d8b54bb381d8b4694806d1c325696

  • SHA1

    5067a25cd96a8d628123f02d5fbd12f08764609a

  • SHA256

    8e3c53be955a39706853a6fa0d3e11d12c57092d6fdc5926bd5d9b1875551341

  • SHA512

    353b4223e5bf6156c698d38c8f582925f521dd63232fe1df43948de18e950a79305bd3b20662ba3af92f4c0f0b90f537971d70ca19917c4a6c1fbf7c2c49324c

  • SSDEEP

    49152:FitsjBjNNy2mWdKTc4sNcj2al3YDDpEhkTxu+4+Hth963:FitsV7y2GSkOZ19u+4+HtHC

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
