Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-08-11...py.exe

windows7-x64

7

2024-08-11...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-11_5f65453767848eb5978ba1e6d1528e8a_mafia_nionspy

  • Size

    280KB

  • Sample

    240811-p3gmdsvaqh

  • MD5

    5f65453767848eb5978ba1e6d1528e8a

  • SHA1

    a2b7355356d8a693256f0cd99a18a262fe449c95

  • SHA256

    cea8d1ebadf8352bb5f6fef97267cced01a7208b2eaf2d9f7f37705cc759b64b

  • SHA512

    98a4a62ff3562b72933df0166a6056c4272d7b0b91d8b6f0f978ded36e2de9edbdb34eca326f3007d80fa00fd5511fc4ff2c347a7e3808498d955a7303ef1c19

  • SSDEEP

    6144:5Tz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:5TBPFV0RyWl3h2E+7pl

Score
7/10
discovery

Malware Config

Targets

    • Target

      2024-08-11_5f65453767848eb5978ba1e6d1528e8a_mafia_nionspy

    • Size

      280KB

    • MD5

      5f65453767848eb5978ba1e6d1528e8a

    • SHA1

      a2b7355356d8a693256f0cd99a18a262fe449c95

    • SHA256

      cea8d1ebadf8352bb5f6fef97267cced01a7208b2eaf2d9f7f37705cc759b64b

    • SHA512

      98a4a62ff3562b72933df0166a6056c4272d7b0b91d8b6f0f978ded36e2de9edbdb34eca326f3007d80fa00fd5511fc4ff2c347a7e3808498d955a7303ef1c19

    • SSDEEP

      6144:5Tz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:5TBPFV0RyWl3h2E+7pl

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks