General

  • Target

    76d8f1df3af443e80741800dea5a9070_NEIKI

  • Size

    3.0MB

  • Sample

    240508-akyqmaba54

  • MD5

    76d8f1df3af443e80741800dea5a9070

  • SHA1

    19deba8426ad0c2b842b3125d8a4077b4ed5cb24

  • SHA256

    107cc1212ea89108444411fe3e9f934f27d0b8646a5311fbc8040aef4b760a42

  • SHA512

    54c10e190efd36819f10adece6478db7444fd74a5bd3e6fb817ec41774f0c56cccb178d6e0237b525b11ed3f9f85d272afb7ff65d0477238c45ec01853472810

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBOB/bSqz8:sxX7QnxrloE5dpUpNbVz8

Malware Config

Targets

    • Target

      76d8f1df3af443e80741800dea5a9070_NEIKI

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar items.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks