Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2600e36096...KI.exe

windows7-x64

7

2600e36096...KI.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2600e360966776078720722372390df0_NEIKI

  • Size

    12KB

  • Sample

    240507-y9s4faha99

  • MD5

    2600e360966776078720722372390df0

  • SHA1

    014d93d4235534ba28c475230e25fb04282ad1fb

  • SHA256

    f3aef209098577275f193a318d9019923f1536bc41a583cd519f49ee70728c34

  • SHA512

    51b8bbd05b81dafeb779ee0ee1ec6dd9e3e9349561bf84ba1703a5518f6ea7f5390a2d368ee7a8b7cf833120dfee6725500980170ba504df058c8126ed1464e6

  • SSDEEP

    384:QL7li/2ziq2DcEQvdhcJKLTp/NK9xaHL:O6M/Q9cHL

Score
7/10

Malware Config

Targets

    • Target

      2600e360966776078720722372390df0_NEIKI

    • Size

      12KB

    • MD5

      2600e360966776078720722372390df0

    • SHA1

      014d93d4235534ba28c475230e25fb04282ad1fb

    • SHA256

      f3aef209098577275f193a318d9019923f1536bc41a583cd519f49ee70728c34

    • SHA512

      51b8bbd05b81dafeb779ee0ee1ec6dd9e3e9349561bf84ba1703a5518f6ea7f5390a2d368ee7a8b7cf833120dfee6725500980170ba504df058c8126ed1464e6

    • SSDEEP

      384:QL7li/2ziq2DcEQvdhcJKLTp/NK9xaHL:O6M/Q9cHL

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks