Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

7

a5dd2daa66...KI.exe

windows7-x64

10

a5dd2daa66...KI.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a5dd2daa6666502240d5a7bb0d6611b0_NEIKI

  • Size

    19KB

  • Sample

    240509-ab8jgafb8z

  • MD5

    a5dd2daa6666502240d5a7bb0d6611b0

  • SHA1

    2df076f3411d8745a19ce00bdea81fd62894e677

  • SHA256

    7d8624ed52ffd3b85da670994bfaefded16c7849ce5935f4a912c06fc769aa05

  • SHA512

    de3350a6ccbe5a38795b63e50d4146e25aec8de9fb668d23d3a1884c0514bcfe2d3a27a9363892d2c8b8ac42d7001f609ae7e4f501122764fd3246aced4c9012

  • SSDEEP

    384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX+fauB:rRkiLw3HsDSARGG/uv

Score
10/10
evasionpersistencetrojanupx

Malware Config

Targets

    • Target

      a5dd2daa6666502240d5a7bb0d6611b0_NEIKI

    • Size

      19KB

    • MD5

      a5dd2daa6666502240d5a7bb0d6611b0

    • SHA1

      2df076f3411d8745a19ce00bdea81fd62894e677

    • SHA256

      7d8624ed52ffd3b85da670994bfaefded16c7849ce5935f4a912c06fc769aa05

    • SHA512

      de3350a6ccbe5a38795b63e50d4146e25aec8de9fb668d23d3a1884c0514bcfe2d3a27a9363892d2c8b8ac42d7001f609ae7e4f501122764fd3246aced4c9012

    • SSDEEP

      384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX+fauB:rRkiLw3HsDSARGG/uv

    Score
    10/10
    evasionpersistencetrojanupx

    • Windows security bypass

      evasiontrojan

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

      persistence

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Windows security modification

      evasiontrojan

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks