Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-03-11...py.exe

windows7-x64

7

2024-03-11...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-03-11_1c121c89fe5774bf0c52da0a15ee0525_mafia_nionspy

  • Size

    280KB

  • Sample

    240311-dxvraabd6w

  • MD5

    1c121c89fe5774bf0c52da0a15ee0525

  • SHA1

    34c29c13d971730f77558ccd8a6ecb525ce8a6a8

  • SHA256

    4420b065622225475fcbda38f168f154bb6bb2dd368a8a298be8b32d5ae0844c

  • SHA512

    aa9d3431de8d9772c2dbe166070d4a54c0f6bd2624bae1b0931a4cae82a64cf38b7e4b4089cb63712c60df37a9fcd5c3916cbf29d1be4eefc719bea2c5e8046e

  • SSDEEP

    6144:aTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:aTBPFV0RyWl3h2E+7pl

Score
7/10

Malware Config

Targets

    • Target

      2024-03-11_1c121c89fe5774bf0c52da0a15ee0525_mafia_nionspy

    • Size

      280KB

    • MD5

      1c121c89fe5774bf0c52da0a15ee0525

    • SHA1

      34c29c13d971730f77558ccd8a6ecb525ce8a6a8

    • SHA256

      4420b065622225475fcbda38f168f154bb6bb2dd368a8a298be8b32d5ae0844c

    • SHA512

      aa9d3431de8d9772c2dbe166070d4a54c0f6bd2624bae1b0931a4cae82a64cf38b7e4b4089cb63712c60df37a9fcd5c3916cbf29d1be4eefc719bea2c5e8046e

    • SSDEEP

      6144:aTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:aTBPFV0RyWl3h2E+7pl

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks