General

  • Target

    dcec5319d1ed548b7523cda83292aad0_NEIKI

  • Size

    22KB

  • Sample

    240508-ry7n5ahc6t

  • MD5

    dcec5319d1ed548b7523cda83292aad0

  • SHA1

    d352a94f3510a1bee94d0657ae951cf498bee616

  • SHA256

    a945ee255ac7bc5751c05c4913b69c1f0397f176fe502c223f27b9d1ba2a5c37

  • SHA512

    28019f287be93831b71c7b58c0fa1f546a91a5aa7eed2b570eca49ed82b8a985b7cd59f029ea64cb08e7f777742585b9cf229fbffcd455e4ca88810b1c42f62a

  • SSDEEP

    384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX8Mb7a6Mr0:rRkiLw3HsDSARGG/MMb7rH

Targets

    • Target

      dcec5319d1ed548b7523cda83292aad0_NEIKI

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory
