Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    3adb607d458969940819c63695be0b30_NeikiAnalytics

  • Size

    3.3MB

  • Sample

    240511-apkdssad9w

  • MD5

    3adb607d458969940819c63695be0b30

  • SHA1

    bba5343088b732d54f611229e36205c41cf4a1b2

  • SHA256

    6f93fd6216cbb7d1163b6199dcf947d0feafcac74939f13b3136ab0ca3c7e4cd

  • SHA512

    54aea45975099b0ea201b853562c4a8b7b55e7bf5e28652b38f7f595f9b3bc05e03bdc7751c2a4d0b0b2d6b7ea9bc4f06a6697b2b971a4946c2fb60b2a980edd

  • SSDEEP

    98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWS:SbBeSFkW

Malware Config

Targets

    • Target

      3adb607d458969940819c63695be0b30_NeikiAnalytics

    • Size

      3.3MB

    • MD5

      3adb607d458969940819c63695be0b30

    • SHA1

      bba5343088b732d54f611229e36205c41cf4a1b2

    • SHA256

      6f93fd6216cbb7d1163b6199dcf947d0feafcac74939f13b3136ab0ca3c7e4cd

    • SHA512

      54aea45975099b0ea201b853562c4a8b7b55e7bf5e28652b38f7f595f9b3bc05e03bdc7751c2a4d0b0b2d6b7ea9bc4f06a6697b2b971a4946c2fb60b2a980edd

    • SSDEEP

      98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWS:SbBeSFkW

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks