General

  • Target: a5dd2daa6666502240d5a7bb0d6611b0_NEIKI
  • Size: 19KB
  • Sample: 240509-ab8jgafb8z
  • MD5: a5dd2daa6666502240d5a7bb0d6611b0
  • SHA1: 2df076f3411d8745a19ce00bdea81fd62894e677
  • SHA256: 7d8624ed52ffd3b85da670994bfaefded16c7849ce5935f4a912c06fc769aa05
  • SHA512: de3350a6ccbe5a38795b63e50d4146e25aec8de9fb668d23d3a1884c0514bcfe2d3a27a9363892d2c8b8ac42d7001f609ae7e4f501122764fd3246aced4c9012
  • SSDEEP: 384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX+fauB:rRkiLw3HsDSARGG/uv

Malware Config

Targets

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks