General
-
Target
b972c00bf289a05a128a74d75f723c20_NeikiAnalytics
-
Size
77KB
-
Sample
240514-k7462ahh4s
-
MD5
b972c00bf289a05a128a74d75f723c20
-
SHA1
38d43b1bf3f39b04a50a89776bb1b14961a6a4e4
-
SHA256
6d9f005b96f1ce8f3c0b009b36137155fb9e0eef124ee9be9c8575692837b91e
-
SHA512
91ec22d0c55f01dd78f5968d90ce25c96102fbf4843e60da3e39ad8ff2ba4ce59706d95e4ebf247d90a3b4ee17f589f43c1b4ac35b1bb7e17c779f68ac8e4078
-
SSDEEP
1536:ekeK40T/mx7y9v7Z/Z2V/GSAFRfBhpVoK5:FD40Dmx7y9DZ/Z2hGVkK5
Static task
static1
Behavioral task
behavioral1
Sample
b972c00bf289a05a128a74d75f723c20_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
b972c00bf289a05a128a74d75f723c20_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
b972c00bf289a05a128a74d75f723c20_NeikiAnalytics
-
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of file extensions in Explorer
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-