General

  • Target

    b972c00bf289a05a128a74d75f723c20_NeikiAnalytics

  • Size

    77KB

  • Sample

    240514-k7462ahh4s

  • MD5

    b972c00bf289a05a128a74d75f723c20

  • SHA1

    38d43b1bf3f39b04a50a89776bb1b14961a6a4e4

  • SHA256

    6d9f005b96f1ce8f3c0b009b36137155fb9e0eef124ee9be9c8575692837b91e

  • SHA512

    91ec22d0c55f01dd78f5968d90ce25c96102fbf4843e60da3e39ad8ff2ba4ce59706d95e4ebf247d90a3b4ee17f589f43c1b4ac35b1bb7e17c779f68ac8e4078

  • SSDEEP

    1536:ekeK40T/mx7y9v7Z/Z2V/GSAFRfBhpVoK5:FD40Dmx7y9DZ/Z2hGVkK5

Score
10/10

Targets

    • Target

      b972c00bf289a05a128a74d75f723c20_NeikiAnalytics

    Score
    10/10
    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
