Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4413aee25d...KI.exe

windows7-x64

7

4413aee25d...KI.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4413aee25dc8ce8fe809ebba723e8240_NEIKI

  • Size

    819KB

  • Sample

    240508-lcw3lsde41

  • MD5

    4413aee25dc8ce8fe809ebba723e8240

  • SHA1

    d7378d9a205f4e39c0d95e45d35a636a57b85c60

  • SHA256

    20061f0bf2246fc6a37746775c29a3998bceff26f807327772c5523d8a987c04

  • SHA512

    e8a422f072b5e0e880427f18cbf87218f9b43e4d54721b77002992bcf302e5586608d2c17d8ed340232aaf10d0cc97920cb4e1fae9d5b931ffca450ac9ed0b1f

  • SSDEEP

    12288:Go08BDxT2mSXc3ajG+hjQKymY8efKCpD7Gj9G6G1qT8nQkCu83L3Wl/np9DBDt3b:GH8PT2sqjnhMgeiCl7G0nehbGZpbD

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      4413aee25dc8ce8fe809ebba723e8240_NEIKI

    • Size

      819KB

    • MD5

      4413aee25dc8ce8fe809ebba723e8240

    • SHA1

      d7378d9a205f4e39c0d95e45d35a636a57b85c60

    • SHA256

      20061f0bf2246fc6a37746775c29a3998bceff26f807327772c5523d8a987c04

    • SHA512

      e8a422f072b5e0e880427f18cbf87218f9b43e4d54721b77002992bcf302e5586608d2c17d8ed340232aaf10d0cc97920cb4e1fae9d5b931ffca450ac9ed0b1f

    • SSDEEP

      12288:Go08BDxT2mSXc3ajG+hjQKymY8efKCpD7Gj9G6G1qT8nQkCu83L3Wl/np9DBDt3b:GH8PT2sqjnhMgeiCl7G0nehbGZpbD

    Score
    7/10
    spywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks