General

  • Target

    500d88c959a3e5a30764bf3f8728d3c0_NeikiAnalytics

  • Size

    12KB

  • Sample

    240512-ytlpesha95

  • MD5

    500d88c959a3e5a30764bf3f8728d3c0

  • SHA1

    775679d39f79daa12d6d77c60074d30c1438a6de

  • SHA256

    25ea33f3e06d0e4eed64cef88daa440fa05e7a3121ab8c86c86a3b20ae1e5cf8

  • SHA512

    a19d050649fde2c06aec1bcb1d8b0e6210b09cbf29fc982b573b02bccca8d3dd00bae148a83595c2a3ea4259ada50e2ebdb23d525f9e8aac5703aa680336653a

  • SSDEEP

    384:qL7li/2zoq2DcEQvdhcJKLTp/NK9xamz:0UM/Q9cmz

Score
7/10

Targets

    • Target

      500d88c959a3e5a30764bf3f8728d3c0_NeikiAnalytics

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
