Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

72fd6e866a...KI.exe

windows7-x64

7

72fd6e866a...KI.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    72fd6e866a4b053c05123393dd6fcae0_NEIKI

  • Size

    4.0MB

  • Sample

    240508-aeytfafh2x

  • MD5

    72fd6e866a4b053c05123393dd6fcae0

  • SHA1

    c914dd795c00507039d5e7527e893c8008d0c0d3

  • SHA256

    122206905a59e09641f7da160b560adeb1dba86878af315b65de07fae12b8331

  • SHA512

    3fdaed3acf28795f0fe80b5af203dde3b375596a292d6e1161d1313a3aaedc80fcc4a99e35a392ae1116294b1eee63be41aba2fe9b558df66e62b7d1b25d61dd

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBHB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUpQbVz8eLFcz

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      72fd6e866a4b053c05123393dd6fcae0_NEIKI

    • Size

      4.0MB

    • MD5

      72fd6e866a4b053c05123393dd6fcae0

    • SHA1

      c914dd795c00507039d5e7527e893c8008d0c0d3

    • SHA256

      122206905a59e09641f7da160b560adeb1dba86878af315b65de07fae12b8331

    • SHA512

      3fdaed3acf28795f0fe80b5af203dde3b375596a292d6e1161d1313a3aaedc80fcc4a99e35a392ae1116294b1eee63be41aba2fe9b558df66e62b7d1b25d61dd

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBHB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUpQbVz8eLFcz

    Score
    7/10
    persistencespywarestealer

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks