Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-02-04...py.exe

windows7-x64

7

2024-02-04...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-02-04_0b8787962fafbaa239da627098f4e0af_mafia_nionspy

  • Size

    344KB

  • Sample

    240204-f3nw2aacg4

  • MD5

    0b8787962fafbaa239da627098f4e0af

  • SHA1

    d1ce6cf715b7daf66ec022edad59e69d77592a18

  • SHA256

    739a2b93141723c8880cd1e805abffc7f0b9541d71c7a7d4ac25f1d8b4b47f3b

  • SHA512

    5823e7b14528bf0a131bba518f648dde7ba80cde247087fbc77f55ff474e3a5bfd8a71c9d87746afeef876b1d98f83a6556aeeeafb684db083ca5214d4c32058

  • SSDEEP

    6144:mTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:mTBPFV0RyWl3h2E+7pYm0

Score
7/10

Malware Config

Targets

    • Target

      2024-02-04_0b8787962fafbaa239da627098f4e0af_mafia_nionspy

    • Size

      344KB

    • MD5

      0b8787962fafbaa239da627098f4e0af

    • SHA1

      d1ce6cf715b7daf66ec022edad59e69d77592a18

    • SHA256

      739a2b93141723c8880cd1e805abffc7f0b9541d71c7a7d4ac25f1d8b4b47f3b

    • SHA512

      5823e7b14528bf0a131bba518f648dde7ba80cde247087fbc77f55ff474e3a5bfd8a71c9d87746afeef876b1d98f83a6556aeeeafb684db083ca5214d4c32058

    • SSDEEP

      6144:mTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:mTBPFV0RyWl3h2E+7pYm0

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks