Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-25...py.exe

windows7-x64

7

2024-01-25...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-01-25_94e4b63296a4fae37377f0006ae9a09c_mafia_nionspy

  • Size

    280KB

  • Sample

    240125-fbv62agggq

  • MD5

    94e4b63296a4fae37377f0006ae9a09c

  • SHA1

    49eefbdf18440cdfc92e60e687d3826708bcf706

  • SHA256

    4fbafa669f22736fddd7e176a20ae4c4595239ef08c70551f5d6dfb7eb2d23b6

  • SHA512

    a82215a2c1c5c06fdf7ffc66be7bfbd75d2c167eb1809cc2c4ee52630bb1e2415d143f61d6780873e76bb707ebc2131982e67940cac19faefbeb6d525231a5e0

  • SSDEEP

    6144:XTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:XTBPFV0RyWl3h2E+7pl

Score
7/10

Malware Config

Targets

    • Target

      2024-01-25_94e4b63296a4fae37377f0006ae9a09c_mafia_nionspy

    • Size

      280KB

    • MD5

      94e4b63296a4fae37377f0006ae9a09c

    • SHA1

      49eefbdf18440cdfc92e60e687d3826708bcf706

    • SHA256

      4fbafa669f22736fddd7e176a20ae4c4595239ef08c70551f5d6dfb7eb2d23b6

    • SHA512

      a82215a2c1c5c06fdf7ffc66be7bfbd75d2c167eb1809cc2c4ee52630bb1e2415d143f61d6780873e76bb707ebc2131982e67940cac19faefbeb6d525231a5e0

    • SSDEEP

      6144:XTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:XTBPFV0RyWl3h2E+7pl

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks