General

  • Target

    adecfb5b8996d248a5e1e07696bc6480_NeikiAnalytics

  • Size

    66KB

  • Sample

    240515-kba83sha73

  • MD5

    adecfb5b8996d248a5e1e07696bc6480

  • SHA1

    baf4cf9a429bf3e66c4358313da5b125eea0a768

  • SHA256

    0aae33ce54246b6439d6f09ebd0c9d11493f3f548ccd0b29c65089007c4f5e71

  • SHA512

    37048e8dd49984beb461994fdcee8c991b54862a8b201d346b8a88313f81cca57cdc16614e7a6438d220ff6609f5e38caae2ea0df6f0207cd997b64b9a456398

  • SSDEEP

    1536:EHfetdklPp+07gDSrB8Xru2zGeJxgawTzpXzrDJrXiW:IeklMMYJhqezw/pXzH9iW

Targets

    • Target

      adecfb5b8996d248a5e1e07696bc6480_NeikiAnalytics

    • Detects BazaLoader malware

      BazaLoader is a trojan that transmits logs to the Command and Control (C2) server, encoding them in BASE64 format through GET requests.

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
