Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-03-09...py.exe

windows7-x64

7

2024-03-09...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-03-09_0c609311f81d342d58051239819f74b6_mafia_nionspy

  • Size

    328KB

  • Sample

    240309-m44gfaga6x

  • MD5

    0c609311f81d342d58051239819f74b6

  • SHA1

    5da0fb997c35276b1d74bb63bca84a20abbe1997

  • SHA256

    e8bf2ea8e88039b5e5a51cf96e38ebb1b62109d1856424bb1381fe9fdcf91a3a

  • SHA512

    fe17df2c5abc7cb3c4f84e58f598fa3ff29f49433555a59c204f03d05898c49cfcc764f419a36ca74b206a6b87388aaf7a02221f9d7ad4a6e09fb21960269e76

  • SSDEEP

    6144:G2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG89gkPzDh1v:G2TFafJiHCWBWPMjVWrXf1v

Score
7/10

Malware Config

Targets

    • Target

      2024-03-09_0c609311f81d342d58051239819f74b6_mafia_nionspy

    • Size

      328KB

    • MD5

      0c609311f81d342d58051239819f74b6

    • SHA1

      5da0fb997c35276b1d74bb63bca84a20abbe1997

    • SHA256

      e8bf2ea8e88039b5e5a51cf96e38ebb1b62109d1856424bb1381fe9fdcf91a3a

    • SHA512

      fe17df2c5abc7cb3c4f84e58f598fa3ff29f49433555a59c204f03d05898c49cfcc764f419a36ca74b206a6b87388aaf7a02221f9d7ad4a6e09fb21960269e76

    • SSDEEP

      6144:G2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG89gkPzDh1v:G2TFafJiHCWBWPMjVWrXf1v

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks