General
-
Target
2024-01-21_250b60b4db9e04b067d2a1594a90eedd_mafia_revil
-
Size
17.4MB
-
Sample
240121-pzfwpadec7
-
MD5
250b60b4db9e04b067d2a1594a90eedd
-
SHA1
818ca0a671fed0b84b3c8b777ae24f476eaa5285
-
SHA256
bad8a99a5d4ea817a2fb51918b41f0d69d8bb4e8b2af14837d5f16d23ab2b7e6
-
SHA512
7127d7c71b090ad021e305a47ab61e39781e076c1632c767a5e7e95d5b33c1acd39e37930c5445f28d8e70dc4993e66964c7a15231f1252e05d5f5287d8760ac
-
SSDEEP
393216:hm7Fm08QYsmdEFlm2h3+1LzkTUM8HmwKKZ5W:i9RKZ
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-21_250b60b4db9e04b067d2a1594a90eedd_mafia_revil.exe
Resource
win7-20231215-en
Malware Config
Extracted
njrat
0.7d
HacKed
bXlpbnN1Lnp6LmFt:1999
ac508f600d763c24a745123d31eae8e9
-
reg_key
ac508f600d763c24a745123d31eae8e9
-
splitter
|'|'|
Targets
-
-
Target
2024-01-21_250b60b4db9e04b067d2a1594a90eedd_mafia_revil
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-