General

  • Target

    2024-03-13_cc26efd74549cd47751868911afab602_mafia_nionspy

  • Size

    280KB

  • Sample

    240313-yeanlseb8w

  • MD5

    cc26efd74549cd47751868911afab602

  • SHA1

    925126eb279baad878b4d4dc36ab3c96075d389a

  • SHA256

    e7ce6c3fdd6ebb3568df4bb3f65dba578fda108725fac341aa92d05f032af107

  • SHA512

    5f22567fbf1366f05e64fb629ed574e3ae0fe00fb5d1bd9458b200f77ccbeef99698ca2ec3ca8b3ee3636b7073c698e67ac8f2fc14aec1b872f93bb49c298c0e

  • SSDEEP

    6144:+Tz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:+TBPFV0RyWl3h2E+7pl

Score
7/10

Targets

    • Target

      2024-03-13_cc26efd74549cd47751868911afab602_mafia_nionspy

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
