Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9a50e8a47e2bee42c55d1033d1c22bb0_NeikiAnalytics
-
Size
1.5MB
-
Sample
240511-hxj21afc97
-
MD5
9a50e8a47e2bee42c55d1033d1c22bb0
-
SHA1
23c027e24452ff791b2d81ad0df5a9bfadbd62c8
-
SHA256
c94f3c61c58189372d0c2306b4c69b72c0063fd0df0984e979fa606b94038470
-
SHA512
aff8129b611c8133d19f3e7de32744711ba85d8554d7c50102aa026cdc0715537cc8f672b6e382a4ada40de94a3240d8f9219c377ebab074657f29b837c83cc8
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkipfzaCtNcQcAupaXHeYusCJ7MNXnHBvV+0l:Lz071uv4BPMki8CnfLDCtWHpMU
Malware Config
Targets
-
-
Target
9a50e8a47e2bee42c55d1033d1c22bb0_NeikiAnalytics
-
Size
1.5MB
-
MD5
9a50e8a47e2bee42c55d1033d1c22bb0
-
SHA1
23c027e24452ff791b2d81ad0df5a9bfadbd62c8
-
SHA256
c94f3c61c58189372d0c2306b4c69b72c0063fd0df0984e979fa606b94038470
-
SHA512
aff8129b611c8133d19f3e7de32744711ba85d8554d7c50102aa026cdc0715537cc8f672b6e382a4ada40de94a3240d8f9219c377ebab074657f29b837c83cc8
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkipfzaCtNcQcAupaXHeYusCJ7MNXnHBvV+0l:Lz071uv4BPMki8CnfLDCtWHpMU
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-