General

  • Target

    37a140fe29eaec7bd519e87033aaa5c0_NEIKI

  • Size

    3.6MB

  • Sample

    240507-z42ztsgc3x

  • MD5

    37a140fe29eaec7bd519e87033aaa5c0

  • SHA1

    172be7464f4c1b5591f73a459cd643dccd4b7e00

  • SHA256

    e32dd1474a1f3f47c6d8ee19fba793c4cd900bc68350710d34ba6a3cac171788

  • SHA512

    af43c929359bbe3bd697a56122ce3d01b741b409a6250b1928b5e8633a5d8d845476711853897d5f0a4161f00cc155edc704ff7a6a4cdd3889680fe201cfd31b

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBiB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUpVbVz8eLFcz

Targets

    • Target

      37a140fe29eaec7bd519e87033aaa5c0_NEIKI

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
