General

  • Target

    2083f01c1d4fa2ff424fa3e8bb74ec90_NeikiAnalytics

  • Size

    2.9MB

  • Sample

    240512-r9gbbabc2w

  • MD5

    2083f01c1d4fa2ff424fa3e8bb74ec90

  • SHA1

    d1eecf1adb88d3d2a91613416e39333cec0acc2b

  • SHA256

    f436cca565c2b617a1afe743be0cd6f42ffc33ba86429e34f72d36ba418caa92

  • SHA512

    f96d566cad83c9dee4bdbbe94016d7e3ef495f4d1e91a5324ab4974827893361255d97694d5f7af4c73afab0f587dd5cb3554b2cf30cec280ca69b04db1857ab

  • SSDEEP

    24576:bQVeiNQrKxliF66vxfOQA1axfG2YG5geDT7FaVA1axfG2YG5geDT7FaHTuTqBrih:bQHFQxOgRD/FkxOgRD/FcZiH

Score
8/10

Malware Config

Targets

    • Target

      2083f01c1d4fa2ff424fa3e8bb74ec90_NeikiAnalytics

    Score
    8/10
    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Legitimate hosting services abused for malware hosting/C2
