General

  • Target

    18201ab8fea5b6355f397e0f735fa830_NeikiAnalytics

  • Size

    66KB

  • Sample

    240511-th713ahe53

  • MD5

    18201ab8fea5b6355f397e0f735fa830

  • SHA1

    048e248dcfbec2ad904917b9b55fe1376b09de8b

  • SHA256

    3c4e278e34855819d71854f04f4141075bb706d2592d979d3393f81bd5c5244d

  • SHA512

    b3438579f16b6e57e1704dbb117aec0a91cdd9e4c1eda7feda4be2f47896009fa4b465f56cfdb897f188106923fb826c5a429ab356984872f6a75bea39f38b24

  • SSDEEP

    1536:EHfetdklPp+07gDSrB8Xru2zGeJxgawTzpXzrDJrXih:IeklMMYJhqezw/pXzH9ih

Targets

    • Detects BazaLoader malware

      BazaLoader is a trojan that transmits logs to the Command and Control (C2) server, encoding them in BASE64 format through GET requests.

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
