General

  • Target

    512c28919e860cef54706356f703ad30_NeikiAnalytics

  • Size

    256KB

  • Sample

    240512-ayzj3sba49

  • MD5

    512c28919e860cef54706356f703ad30

  • SHA1

    73d3d40df0a2e8193a77b25830c9f7fa113b5322

  • SHA256

    3d8aae6a7c09a7cbee3b070f611bdc3e6000ea90a643471f25f2e65fbd150765

  • SHA512

    f56b1d47284bea2eb7282f05758a01ab96a7eb351a0937260cbd07b43f9a71dbc4a07dc592ada9f8c2355a802408bc1b4488ad18f3df97d0e01f3ac36d9a29f9

  • SSDEEP

    6144:tDLQxoyQ1LpnFyZ+dayL9rvolH8u3ZhGod:tQCyQ1LHk+zR7QHjGo

Targets

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Deletes itself

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
