General

  • Target

    1680e6d541b9a78ae369888478a76420_NeikiAnalytics

  • Size

    3.7MB

  • Sample

    240512-qxbdvsgh2w

  • MD5

    1680e6d541b9a78ae369888478a76420

  • SHA1

    36ab8115107b1e54935ed5c9edd0cf14a180a30a

  • SHA256

    36ab349fe80c0bbe713bff252ea90b2222a4a5de9d03045e9356dfb3bf2f3fce

  • SHA512

    5ab7d3b7c15468481540364011afe510ad379760f20dc21ee26bfc3a3bbb06865e3b89338142fc124900df28f50243369856bf87e29376677e7f492513744a6e

  • SSDEEP

    98304:e3obcEffDvnh88mNuHMiABZlZlpGiuKvBGMQ9jfW:es7nhVPPiXHGbkAhlW

Targets

    • Target

      1680e6d541b9a78ae369888478a76420_NeikiAnalytics

    • Modifies AppInit DLL entries

    • Executes dropped EXE

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
