Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-27...py.exe

windows7-x64

7

2024-01-27...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-01-27_d26ea78c92e6c36999cdd5a38327e364_mafia_nionspy

  • Size

    344KB

  • Sample

    240127-kgrg9agga5

  • MD5

    d26ea78c92e6c36999cdd5a38327e364

  • SHA1

    c6d005aa519727ef39be4f9caec12472a908c1e4

  • SHA256

    301c6a48c7a9924909596ffa1cca6fdd776a334d8d512b11577b5d7146fffcb1

  • SHA512

    8dd4d65e1e7e5a66ab2ff3f4c12d7cd8fb87a75d16bad49964ed518e351048366a643c1e536ad06f51eb62f3a680bdc9589b8ee28307d8c1de5babfd757a0e79

  • SSDEEP

    6144:wTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:wTBPFV0RyWl3h2E+7pYm0

Score
7/10

Malware Config

Targets

    • Target

      2024-01-27_d26ea78c92e6c36999cdd5a38327e364_mafia_nionspy

    • Size

      344KB

    • MD5

      d26ea78c92e6c36999cdd5a38327e364

    • SHA1

      c6d005aa519727ef39be4f9caec12472a908c1e4

    • SHA256

      301c6a48c7a9924909596ffa1cca6fdd776a334d8d512b11577b5d7146fffcb1

    • SHA512

      8dd4d65e1e7e5a66ab2ff3f4c12d7cd8fb87a75d16bad49964ed518e351048366a643c1e536ad06f51eb62f3a680bdc9589b8ee28307d8c1de5babfd757a0e79

    • SSDEEP

      6144:wTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:wTBPFV0RyWl3h2E+7pYm0

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks