Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-03-12...py.exe

windows7-x64

7

2024-03-12...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-03-12_e8bb6378669a6ec987df2b636ec599f2_mafia_nionspy

  • Size

    344KB

  • Sample

    240312-jy8x7aeb88

  • MD5

    e8bb6378669a6ec987df2b636ec599f2

  • SHA1

    ffff205191d1ba18963c0517ebf4919e94c885f6

  • SHA256

    22186486283787973eea7c7fcb23b732f639a8dd3de70aad5df8c7c8555cecbc

  • SHA512

    6f0f8c2c89267143c6a1eef217fc678df73aded5a7895c547e877fc1a4199d28226ed33841f8a8ee50ecc91c3bd5406a22a0f7ce4471b7d07bd976e82331cab9

  • SSDEEP

    6144:RTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:RTBPFV0RyWl3h2E+7pYm0

Score
7/10

Malware Config

Targets

    • Target

      2024-03-12_e8bb6378669a6ec987df2b636ec599f2_mafia_nionspy

    • Size

      344KB

    • MD5

      e8bb6378669a6ec987df2b636ec599f2

    • SHA1

      ffff205191d1ba18963c0517ebf4919e94c885f6

    • SHA256

      22186486283787973eea7c7fcb23b732f639a8dd3de70aad5df8c7c8555cecbc

    • SHA512

      6f0f8c2c89267143c6a1eef217fc678df73aded5a7895c547e877fc1a4199d28226ed33841f8a8ee50ecc91c3bd5406a22a0f7ce4471b7d07bd976e82331cab9

    • SSDEEP

      6144:RTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:RTBPFV0RyWl3h2E+7pYm0

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks