General

  • Target: f2c5835996b347d8db9621bd4e5de4d1_NEIKI
  • Size: 63KB
  • Sample: 240509-pwyx4aab2s
  • MD5: f2c5835996b347d8db9621bd4e5de4d1
  • SHA1: 16e6f96e032425aab38b009c3539e8e408910264
  • SHA256: 9b134817c6265a60d82c47277cf06b3c1cb495f6f75faade94e437032f2a5b97
  • SHA512: 8889a66d02e88160385b767cac8d882ca0897dc1ec204789ba6a48579bbb8719f43dd1c07689e553a0d105f6a3c086e06865054af0172ed32a984f37bdb6f42f
  • SSDEEP: 768:rAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGKQLddOW/Y4Wv0eKIs88:sUNHFKQbIkHvGMdOP4wC

Targets

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory
