General

  • Target

    697312078fdb9d08132cb870315f1a20_NeikiAnalytics

  • Size

    6.8MB

  • Sample

    240510-etvgsaad5s

  • MD5

    697312078fdb9d08132cb870315f1a20

  • SHA1

    72ff17cb7835ae61dc9b7d8f87d7ad6c61f9b517

  • SHA256

    d0e4bf4fb20936632dadf5abeb042bb14a2529609ddd9760198d662dc24c4061

  • SHA512

    ed05a112c18bb42735334a992dedf1f986cc80329cc2bae2a54a794c4bd3c13d5948071065077398b9dc61890fc67fbc1fd78dc8f37cca7f677e675188c80541

  • SSDEEP

    196608:53sTKJBnrVx0/E4FnbYn2iSlloTvlK1FqW6X1:53aKJBw/ELn2XGzlKH2X

Score
8/10

Targets

    • Target

      697312078fdb9d08132cb870315f1a20_NeikiAnalytics

    • Blocklisted process makes network request

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
