General

  • Target

    9e658ebc1fbf4d03882778199ffc6cb0_NEIKI

  • Size

    2.6MB

  • Sample

    240508-cdhryafb82

  • MD5

    9e658ebc1fbf4d03882778199ffc6cb0

  • SHA1

    0684311b9ff7bd9b361b203f955cfd07565af411

  • SHA256

    d2d54c7a601e12a485b2bef30178504df8cf0c1ecacab31c9a486beda20cbdab

  • SHA512

    c549cd0b0fc972cb90724d0539bb8bca23bf4875770618b15d7cae713f2e219284a9226429fcbf10196e122d4ace91a6f947008631d6a61d4ec822959431c25c

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBwB/bS:sxX7QnxrloE5dpUpXb

Targets

    • Target

      9e658ebc1fbf4d03882778199ffc6cb0_NEIKI

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
