Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-08-17_fcc3f820ec3e436fde86de0e3a152c5e_mafia_nionspy
-
Size
280KB
-
Sample
240817-ehl19swcpf
-
MD5
fcc3f820ec3e436fde86de0e3a152c5e
-
SHA1
6c23afec8405cf2f648cc7f3c22218537b7baf18
-
SHA256
c4df89393e37753e2fc5d46de1bc1914b43962f1b9d050b6ed465b23d4b71e1f
-
SHA512
f6377963c3f9895604ed0cf8ab756ad2e0c8e4b5a5273a42b45ab2080f95bb0954a7ac6693d64aec5ef23f3b33864e5e46339ee7635c3ba6f992638c96b1c6b1
-
SSDEEP
6144:hTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:hTBPFV0RyWl3h2E+7pl
Malware Config
Targets
-
-
Target
2024-08-17_fcc3f820ec3e436fde86de0e3a152c5e_mafia_nionspy
-
Size
280KB
-
MD5
fcc3f820ec3e436fde86de0e3a152c5e
-
SHA1
6c23afec8405cf2f648cc7f3c22218537b7baf18
-
SHA256
c4df89393e37753e2fc5d46de1bc1914b43962f1b9d050b6ed465b23d4b71e1f
-
SHA512
f6377963c3f9895604ed0cf8ab756ad2e0c8e4b5a5273a42b45ab2080f95bb0954a7ac6693d64aec5ef23f3b33864e5e46339ee7635c3ba6f992638c96b1c6b1
-
SSDEEP
6144:hTz+WrPFZvTXb4RyW42vFlOloh2E+7pYUozDK:hTBPFV0RyWl3h2E+7pl
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-