General

  • Target

    73e87473ea0e8c0fa4ad32cc9a3faad0_NeikiAnalytics

  • Size

    78KB

  • Sample

    240511-ed1nvsbg4t

  • MD5

    73e87473ea0e8c0fa4ad32cc9a3faad0

  • SHA1

    94b239a4b26a2197087f9e2debced611391046a4

  • SHA256

    e76d3ae955b50a99834413bbfa0cd0ed583cc7f1dbc79fcf8b3b886ef0c5866b

  • SHA512

    96e04d7b17508f95447592e53c0ae6e21c36e2fa711955e1ea0ff3d6cafefa08035d9dc63b8f2dc75d4de49db0653233ac2daec80a62ff746851c20796229ce8

  • SSDEEP

    1536:We58MLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQtt609/71Sb:We586E2EwR4uY41HyvY79/G

Targets

    • Target

      73e87473ea0e8c0fa4ad32cc9a3faad0_NeikiAnalytics

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
