Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-27...py.exe

windows7-x64

7

2024-01-27...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-01-27_bb5ff3182739cf9b196117e76c809e25_mafia_nionspy

  • Size

    327KB

  • Sample

    240127-q3v1fsfcel

  • MD5

    bb5ff3182739cf9b196117e76c809e25

  • SHA1

    c2a7f97da376c1aa99f4296c3dc752352af4d1ad

  • SHA256

    54bc04a065390bb26b50545b30d90bdf43a4ad8188346257094e194f505deac3

  • SHA512

    e58131c8272b1151b9ff8afb9592acf1efa6e6e446fef9fc9806528ac951cb7738e41a0ca524ac948223a5337668520575849f58238f26f1757639d8b6a79b35

  • SSDEEP

    6144:S2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG8KgbPzDh:S2TFafJiHCWBWPMjVWrXK0

Score
7/10

Malware Config

Targets

    • Target

      2024-01-27_bb5ff3182739cf9b196117e76c809e25_mafia_nionspy

    • Size

      327KB

    • MD5

      bb5ff3182739cf9b196117e76c809e25

    • SHA1

      c2a7f97da376c1aa99f4296c3dc752352af4d1ad

    • SHA256

      54bc04a065390bb26b50545b30d90bdf43a4ad8188346257094e194f505deac3

    • SHA512

      e58131c8272b1151b9ff8afb9592acf1efa6e6e446fef9fc9806528ac951cb7738e41a0ca524ac948223a5337668520575849f58238f26f1757639d8b6a79b35

    • SSDEEP

      6144:S2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG8KgbPzDh:S2TFafJiHCWBWPMjVWrXK0

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks