Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-26...py.exe

windows7-x64

7

2024-01-26...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-01-26_28d0751662e13a00f88f021f3d1916df_mafia_nionspy

  • Size

    327KB

  • Sample

    240126-jl2y4shbc6

  • MD5

    28d0751662e13a00f88f021f3d1916df

  • SHA1

    ae455b75fa3b7283f4e3c905df7a819e93811450

  • SHA256

    bb0938af191ac83a0b0d891a6f72f890ab14ee039e9e581ca3b6bc62f92f161d

  • SHA512

    3b9e47f70c5b0f633a389813faf1c1e25205e3c02e8469c8d1706387af0b280f8ad68bd51ca7a863fce6545857aaebb6f9a4ad011d33f34858973432953f55bc

  • SSDEEP

    6144:l2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG8KgbPzDh:l2TFafJiHCWBWPMjVWrXK0

Score
7/10

Malware Config

Targets

    • Target

      2024-01-26_28d0751662e13a00f88f021f3d1916df_mafia_nionspy

    • Size

      327KB

    • MD5

      28d0751662e13a00f88f021f3d1916df

    • SHA1

      ae455b75fa3b7283f4e3c905df7a819e93811450

    • SHA256

      bb0938af191ac83a0b0d891a6f72f890ab14ee039e9e581ca3b6bc62f92f161d

    • SHA512

      3b9e47f70c5b0f633a389813faf1c1e25205e3c02e8469c8d1706387af0b280f8ad68bd51ca7a863fce6545857aaebb6f9a4ad011d33f34858973432953f55bc

    • SSDEEP

      6144:l2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG8KgbPzDh:l2TFafJiHCWBWPMjVWrXK0

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks