General

  • Target

    5668ba9a4990b618363ce7452b13c700_NEIKI

  • Size

    3.1MB

  • Sample

    240507-2n771seh47

  • MD5

    5668ba9a4990b618363ce7452b13c700

  • SHA1

    35f004ac8c4330b1e3e8715f5ff9606368694065

  • SHA256

    58003668c5097e85380da3d3155e672a25c29dadf5f37110c640137c7d2b4d85

  • SHA512

    d74903722f20aaf12a6bf3a047cd61a34719b3fd0a2c857600da87eec37f71d0bd9d5fd1d87632230b80ae1589298a5cb6c8fed5916dfbea84bb9a4f17c58cfc

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBNB/bSqz8:sxX7QnxrloE5dpUpKbVz8

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks