Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-07-09...py.exe

windows7-x64

7

2024-07-09...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-07-09_8f8ba6f02bc4e8cf335b0fbf9e7e632b_mafia_nionspy

  • Size

    344KB

  • Sample

    240709-3q9djatajm

  • MD5

    8f8ba6f02bc4e8cf335b0fbf9e7e632b

  • SHA1

    82eb07865f2047744bda841568366b0c80d50472

  • SHA256

    50db8fd04a704cd0d87fedd8f0e80dba04a404b01a083fbd1cc6608edd00a07e

  • SHA512

    2cb3f6587bc849905f0a32cae43081b04edcdc62df7aeefe0e533b840de3e22a072fd75bf7dd2653b8f6fff6b891f0fdc61dd32af88427a7e9541f335bde3bce

  • SSDEEP

    6144:8Tz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:8TBPFV0RyWl3h2E+7pYm0

Score
7/10

Malware Config

Targets

    • Target

      2024-07-09_8f8ba6f02bc4e8cf335b0fbf9e7e632b_mafia_nionspy

    • Size

      344KB

    • MD5

      8f8ba6f02bc4e8cf335b0fbf9e7e632b

    • SHA1

      82eb07865f2047744bda841568366b0c80d50472

    • SHA256

      50db8fd04a704cd0d87fedd8f0e80dba04a404b01a083fbd1cc6608edd00a07e

    • SHA512

      2cb3f6587bc849905f0a32cae43081b04edcdc62df7aeefe0e533b840de3e22a072fd75bf7dd2653b8f6fff6b891f0fdc61dd32af88427a7e9541f335bde3bce

    • SSDEEP

      6144:8Tz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDBRm1+gmN:8TBPFV0RyWl3h2E+7pYm0

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks