General

  • Target

    420f9d09781da5efa88c07bc6464c350_NeikiAnalytics

  • Size

    170KB

  • Sample

    240514-3djx4sdf2z

  • MD5

    420f9d09781da5efa88c07bc6464c350

  • SHA1

    e484e30648fd498b28128ed8145e5164c80a1b8f

  • SHA256

    7e14114a882e13f10fc3dba19d4f70f4c804f34584fcd816e92ff54764b44fee

  • SHA512

    ed1dcced5a5db08e0037570fd27482685c3e832383cf07a5bf80bd0bd703d0a82c4f5a60198324d477a7eb0445b9f474493b074fcbbfce9dd83d27aede6c37a9

  • SSDEEP

    3072:s/JpOm5axh63laEo+pXX1pQD2UCohD8mxLCj+5cmeDye42L712xrpdJ8xLeb7Ux:sBAm5oh63laEo+pXX1pkF8mxeq5+4m7D

Score
7/10

Targets

    • Target

      420f9d09781da5efa88c07bc6464c350_NeikiAnalytics

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
