Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

583eafb081...cs.exe

windows7-x64

7

583eafb081...cs.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    583eafb081b3d56529107fd01d8b729e3baf7dd75cae9aad0742c75e63fd3547_NeikiAnalytics

  • Size

    75KB

  • Sample

    240521-q17apsfh87

  • MD5

    379ec2a3507a4c38e2165bb2662eb4b0

  • SHA1

    536f43d29568720e32303e56a4d64314b25650cc

  • SHA256

    583eafb081b3d56529107fd01d8b729e3baf7dd75cae9aad0742c75e63fd3547

  • SHA512

    8db55d772ea71810defcf92c167634432318977f41689165eb6ba111bae546d2cf8e572f517e2eb094d2e02fe8b639dc39ccfd4e19288e2e469007c26f5a0f1b

  • SSDEEP

    1536:fx1Qja7luy6y0s4sqfkbnAKBOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T36:5OjWuyt0ZsqsXOKofHfHTXQLzgvnzHPC

Score
7/10
persistence

Malware Config

Targets

    • Target

      583eafb081b3d56529107fd01d8b729e3baf7dd75cae9aad0742c75e63fd3547_NeikiAnalytics

    • Size

      75KB

    • MD5

      379ec2a3507a4c38e2165bb2662eb4b0

    • SHA1

      536f43d29568720e32303e56a4d64314b25650cc

    • SHA256

      583eafb081b3d56529107fd01d8b729e3baf7dd75cae9aad0742c75e63fd3547

    • SHA512

      8db55d772ea71810defcf92c167634432318977f41689165eb6ba111bae546d2cf8e572f517e2eb094d2e02fe8b639dc39ccfd4e19288e2e469007c26f5a0f1b

    • SSDEEP

      1536:fx1Qja7luy6y0s4sqfkbnAKBOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T36:5OjWuyt0ZsqsXOKofHfHTXQLzgvnzHPC

    Score
    7/10
    persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks