General

  • Target

    c61e7d61a2d3fb46d53cf8395043b4d0_NEIKI

  • Size

    119KB

  • Sample

    240508-qshmdahd27

  • MD5

    c61e7d61a2d3fb46d53cf8395043b4d0

  • SHA1

    7f7926063a828b190cf41b4043007f561e3565d0

  • SHA256

    5356e532f3ed20944de09a0f02455093de8ea6ac8318411affbf86a02885d270

  • SHA512

    9284f686d392b47dcfbc4825b25e8551083db92d7db300b4c4af030672c39a413f05ca9ee851828d86b4e7eb8da167264d94b979aaf217a2ff1ca4ee7e0c3a30

  • SSDEEP

    3072:sOjWuyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPh:sIs9OKofHfHTXQLzgvnzHPowYbvrjD/E

Score
7/10

Targets

    • Target

      c61e7d61a2d3fb46d53cf8395043b4d0_NEIKI

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
