General

  • Target

    3fbef1ae463b35ccf49595c96a371300_NeikiAnalytics

  • Size

    21KB

  • Sample

    240514-26cttsdf74

  • MD5

    3fbef1ae463b35ccf49595c96a371300

  • SHA1

    26988ffacfe8ea90583913a12afa3e3a9e23c6b0

  • SHA256

    d1c1a184de12f4100498bd77fd88d14aea7658be0d8ea82f83ed160b29fa38d9

  • SHA512

    cb8a3097d1af8e97f8962d2ab1c451d5076168c4754848a999df5cd37a6a6f09c1e3274e67886f89c8ff07d221282b7897f4594f0857473246ee61192f32f9e9

  • SSDEEP

    384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX8Mb7a6p:rRkiLw3HsDSARGG/MMb7rp

Targets

    • Target

      3fbef1ae463b35ccf49595c96a371300_NeikiAnalytics

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory
