Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
208cc46a095afe8c984556cec3097ec0_NeikiAnalytics
-
Size
211KB
-
Sample
240513-1gtwdaef7x
-
MD5
208cc46a095afe8c984556cec3097ec0
-
SHA1
91d38e6348fabd7c1c901f9c871f1a94a4cdb1c4
-
SHA256
dc744862f33f7a231e99f67613748cf475337ab8cbc8a7b6cc02ce14c27e01a1
-
SHA512
c00287d33a39fc7ead37c3672fbd05943db37ac189b9eeaf39c35a1e701d9f9058559796ba098077a48b62eff396adbe869bb53ce471c233ced4d145ae8d246e
-
SSDEEP
3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOi:Jh8cBzHLRMpZ4d1Zi
Malware Config
Targets
-
-
Target
208cc46a095afe8c984556cec3097ec0_NeikiAnalytics
-
Size
211KB
-
MD5
208cc46a095afe8c984556cec3097ec0
-
SHA1
91d38e6348fabd7c1c901f9c871f1a94a4cdb1c4
-
SHA256
dc744862f33f7a231e99f67613748cf475337ab8cbc8a7b6cc02ce14c27e01a1
-
SHA512
c00287d33a39fc7ead37c3672fbd05943db37ac189b9eeaf39c35a1e701d9f9058559796ba098077a48b62eff396adbe869bb53ce471c233ced4d145ae8d246e
-
SSDEEP
3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOi:Jh8cBzHLRMpZ4d1Zi
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1