General

  • Target

    4a2b844cc3569863df29389496680c10_NeikiAnalytics

  • Size

    12KB

  • Sample

    240510-xmg7zsfc74

  • MD5

    4a2b844cc3569863df29389496680c10

  • SHA1

    485d6c18331112391d7ae64e6d35728fb10c3331

  • SHA256

    ac78ae6859e76adecb9a7d3832fcd7d78ecda878e47c1d747954bc5f17bf74f8

  • SHA512

    5a5329a4a19ec550b42d34b5581071a85b30c42890decfd1da67f92f70fc16f529b2d8b98edde470968924eb8f8706b8c802b7afa2f5b89c6611001cfb3c9cf1

  • SSDEEP

    384:FL7li/2ztq2DcEQvdhcJKLTp/NK9xado:FtM/Q9cdo

Score
7/10

Targets

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
