Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

01adbc0c45...cs.exe

windows7-x64

7

01adbc0c45...cs.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    01adbc0c459f956cc47c1f7c8de6a720_NeikiAnalytics

  • Size

    127KB

  • Sample

    240509-1bcd5saf98

  • MD5

    01adbc0c459f956cc47c1f7c8de6a720

  • SHA1

    4f6435f3419974f4f69cb18fe1d407e27b319763

  • SHA256

    5d31ec657a387fa2d340896430618b016d867fb80068bba4ea2c13b0c885fc77

  • SHA512

    c47cbcf97e913086c1ee32300f6e5c1f9b82f3045219f19ef186503df6ff822cf142585a4e87eaf906a5a79af0b66934d6cdb324a37594376c5bb374f6712ce1

  • SSDEEP

    3072:6OjWuyt0ZHqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPL:6IH9OKofHfHTXQLzgvnzHPowYbvrjD/O

Score
7/10
persistence

Malware Config

Targets

    • Target

      01adbc0c459f956cc47c1f7c8de6a720_NeikiAnalytics

    • Size

      127KB

    • MD5

      01adbc0c459f956cc47c1f7c8de6a720

    • SHA1

      4f6435f3419974f4f69cb18fe1d407e27b319763

    • SHA256

      5d31ec657a387fa2d340896430618b016d867fb80068bba4ea2c13b0c885fc77

    • SHA512

      c47cbcf97e913086c1ee32300f6e5c1f9b82f3045219f19ef186503df6ff822cf142585a4e87eaf906a5a79af0b66934d6cdb324a37594376c5bb374f6712ce1

    • SSDEEP

      3072:6OjWuyt0ZHqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPL:6IH9OKofHfHTXQLzgvnzHPowYbvrjD/O

    Score
    7/10
    persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks