General

  • Target

    a491bf56266133c25c886f9f9d1969d0_NeikiAnalytics

  • Size

    256KB

  • Sample

    240510-jjze7sba2v

  • MD5

    a491bf56266133c25c886f9f9d1969d0

  • SHA1

    5361d71b4b444401981cc3497ba397c347d6cd17

  • SHA256

    e824d82b8eadff42e5193d97acc58d97a95677cd9d39a14dc86d88bf91759363

  • SHA512

    33ba59b080d05ef99c63b625abacefd2261960d63715d5b22aa202dc1775e8393276f2232a68472b76790c53b1ddfb89be1ce0fde3affafb90a9562ef23c729d

  • SSDEEP

    6144:2DLQxoyQ1LpnFyZ+dayL9rvolH8u3ZhGod:GQCyQ1LHk+zR7QHjGo

Targets

    • Target

      a491bf56266133c25c886f9f9d1969d0_NeikiAnalytics

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Deletes itself

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
