Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-05-03...py.exe

windows7-x64

7

2024-05-03...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-03_d9b6f44dc1badca21a3a5945c5218252_mafia_nionspy

  • Size

    344KB

  • Sample

    240503-ffzp1shf24

  • MD5

    d9b6f44dc1badca21a3a5945c5218252

  • SHA1

    0def5b228d636e0a839c51883b7077c7eb4cf9eb

  • SHA256

    12ac675257174206a70236522813f851ea0b8c194ffdd90e12ebb2ed8e5ed8d7

  • SHA512

    69f46751d9670d5adc7eff6382e4b98d1b314c2b7c0a2c0f708b31adafc25ed21de32883e69c4df8cd9a1d76eccacc670a1aa8b50064f3f870f33e2d97236967

  • SSDEEP

    6144:STz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:STBPFV0RyWl3h2E+7pYm0

Score
7/10

Malware Config

Targets

    • Target

      2024-05-03_d9b6f44dc1badca21a3a5945c5218252_mafia_nionspy

    • Size

      344KB

    • MD5

      d9b6f44dc1badca21a3a5945c5218252

    • SHA1

      0def5b228d636e0a839c51883b7077c7eb4cf9eb

    • SHA256

      12ac675257174206a70236522813f851ea0b8c194ffdd90e12ebb2ed8e5ed8d7

    • SHA512

      69f46751d9670d5adc7eff6382e4b98d1b314c2b7c0a2c0f708b31adafc25ed21de32883e69c4df8cd9a1d76eccacc670a1aa8b50064f3f870f33e2d97236967

    • SSDEEP

      6144:STz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:STBPFV0RyWl3h2E+7pYm0

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks