General

  • Target

    c11337c76446143004c4363e62e3bd50_NeikiAnalytics

  • Size

    1.8MB

  • Sample

    240510-mazw6acb98

  • MD5

    c11337c76446143004c4363e62e3bd50

  • SHA1

    5ae01fb2d5bf2b18e0b235cb9f2c26f1d549dc27

  • SHA256

    a08b81fca74f535bedeaf4d8e0b23a5e4ef10e4bf327eaf9eb3ee0b25864a1c6

  • SHA512

    cec3208b1ba62ccbe636aa6103fedf77779c89d2608293cd7ba19b53c7feacd8ee90c891b4ea46660281ff8dd97853df5c44764981d8fe1e6f4777ccab4fa190

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82SflDrl0a:NAB2

Malware Config

Targets

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      PowerShell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
