Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ab3f263588c2645976588aac33fb1140_NeikiAnalytics
-
Size
51KB
-
Sample
240513-kmtvkaeg7w
-
MD5
ab3f263588c2645976588aac33fb1140
-
SHA1
e96e61ca24089a9fe9cef9f4b145f50924e6b77d
-
SHA256
65d0737fbff068526bc46199bae65ac84b1e11c93a126fa8e828ddab0f134df8
-
SHA512
61cea220f571724680c1295772e1b058a59ca9978265c3bdb93cb64ba605093f29a357c589e09764b4cf29cea5815c797af6207f25601a5b8a8e990d250367f4
-
SSDEEP
768:nNAGAkIo/juokwoL7627d9rIiClJAxiFkJT22euOiya6lHOYxY0x0KS3w:nNJb/HkwoLe29UjQ4wqQOLIMVnS3w
Behavioral task
behavioral1
Sample
ab3f263588c2645976588aac33fb1140_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
ab3f263588c2645976588aac33fb1140_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
ab3f263588c2645976588aac33fb1140_NeikiAnalytics
-
Size
51KB
-
MD5
ab3f263588c2645976588aac33fb1140
-
SHA1
e96e61ca24089a9fe9cef9f4b145f50924e6b77d
-
SHA256
65d0737fbff068526bc46199bae65ac84b1e11c93a126fa8e828ddab0f134df8
-
SHA512
61cea220f571724680c1295772e1b058a59ca9978265c3bdb93cb64ba605093f29a357c589e09764b4cf29cea5815c797af6207f25601a5b8a8e990d250367f4
-
SSDEEP
768:nNAGAkIo/juokwoL7627d9rIiClJAxiFkJT22euOiya6lHOYxY0x0KS3w:nNJb/HkwoLe29UjQ4wqQOLIMVnS3w
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Drops file in Drivers directory
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1