Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-03-08...py.exe

windows7-x64

7

2024-03-08...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-03-08_8f303194505a2d82efc89674946843dd_mafia_nionspy

  • Size

    344KB

  • Sample

    240308-b5m1asbh49

  • MD5

    8f303194505a2d82efc89674946843dd

  • SHA1

    02441b79c2d46b6691ca68c1e8d63b5419c74cfd

  • SHA256

    e238beefddce71ef690d2c518121dad1cb301de4037cbcc102a24a4948c7ca9a

  • SHA512

    ed963cc080382a2f811b8636452a839fa3dcb953f73c0ae18ba9302e7f5972402c2f456fc61b80593c7e920c7fd43b4c7d6499f9381d87dd630ad4e2100d9142

  • SSDEEP

    6144:VoTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:qTBPFV0RyWl3h2E+7pYm0

Score
7/10

Malware Config

Targets

    • Target

      2024-03-08_8f303194505a2d82efc89674946843dd_mafia_nionspy

    • Size

      344KB

    • MD5

      8f303194505a2d82efc89674946843dd

    • SHA1

      02441b79c2d46b6691ca68c1e8d63b5419c74cfd

    • SHA256

      e238beefddce71ef690d2c518121dad1cb301de4037cbcc102a24a4948c7ca9a

    • SHA512

      ed963cc080382a2f811b8636452a839fa3dcb953f73c0ae18ba9302e7f5972402c2f456fc61b80593c7e920c7fd43b4c7d6499f9381d87dd630ad4e2100d9142

    • SSDEEP

      6144:VoTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:qTBPFV0RyWl3h2E+7pYm0

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks