Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-08-20...py.exe

windows7-x64

7

2024-08-20...py.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-20_c7b30626a6658c8694990daaa35fc6c4_mafia_nionspy

  • Size

    274KB

  • Sample

    240820-lhp69avbjf

  • MD5

    c7b30626a6658c8694990daaa35fc6c4

  • SHA1

    5e27fb1a658b802c17aa60d2a78f6d18b51098bf

  • SHA256

    cdab40e5668d72dd1765a4c68781931560217ab30acb8bc55f0f83101dfc56cd

  • SHA512

    ed10f6fe269f105a229f9e6911e6ef8adc7cb6f5f8b2bd5e4d35b76d8afcbda69263b88736c4b2ec1419af8fc6120509fab036836151da9f761699898ba02da2

  • SSDEEP

    6144:HXYvZ6brUj+bvqHXSpWr2Kqz83Oad3Jg4PlPDIQ+KLzDDg:3YvEbrUjp3SpWggd3JBPlPDIQ3g

Score
7/10
discovery

Malware Config

Targets

    • Target

      2024-08-20_c7b30626a6658c8694990daaa35fc6c4_mafia_nionspy

    • Size

      274KB

    • MD5

      c7b30626a6658c8694990daaa35fc6c4

    • SHA1

      5e27fb1a658b802c17aa60d2a78f6d18b51098bf

    • SHA256

      cdab40e5668d72dd1765a4c68781931560217ab30acb8bc55f0f83101dfc56cd

    • SHA512

      ed10f6fe269f105a229f9e6911e6ef8adc7cb6f5f8b2bd5e4d35b76d8afcbda69263b88736c4b2ec1419af8fc6120509fab036836151da9f761699898ba02da2

    • SSDEEP

      6144:HXYvZ6brUj+bvqHXSpWr2Kqz83Oad3Jg4PlPDIQ+KLzDDg:3YvEbrUjp3SpWggd3JBPlPDIQ3g

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks