Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-11...py.exe

windows7-x64

7

2024-01-11...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-01-11_d31d0c42023c5e056d3b55283c7e5ce1_mafia_nionspy

  • Size

    327KB

  • Sample

    240112-gtx9sabae2

  • MD5

    d31d0c42023c5e056d3b55283c7e5ce1

  • SHA1

    5a8d453c52c21945a5e17ac5af94750518b1b9b9

  • SHA256

    33c66bb6f962494eb6648e4236b023725797630198b1907d6b6da8ae3fc47d7d

  • SHA512

    01cab12f9020f0f846b7906981d73b0c36e49e83b7da4bafd84b3c34fa93aab2a700bfbd3ddcab8433c2e9670731bfebd675f250534c7af47ff72211d3d98151

  • SSDEEP

    6144:V2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG8KgbPzDh:V2TFafJiHCWBWPMjVWrXK0

Score
7/10

Malware Config

Targets

    • Target

      2024-01-11_d31d0c42023c5e056d3b55283c7e5ce1_mafia_nionspy

    • Size

      327KB

    • MD5

      d31d0c42023c5e056d3b55283c7e5ce1

    • SHA1

      5a8d453c52c21945a5e17ac5af94750518b1b9b9

    • SHA256

      33c66bb6f962494eb6648e4236b023725797630198b1907d6b6da8ae3fc47d7d

    • SHA512

      01cab12f9020f0f846b7906981d73b0c36e49e83b7da4bafd84b3c34fa93aab2a700bfbd3ddcab8433c2e9670731bfebd675f250534c7af47ff72211d3d98151

    • SSDEEP

      6144:V2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG8KgbPzDh:V2TFafJiHCWBWPMjVWrXK0

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks