General

  • Target: aed07f00b67382027af544a03ae22ea0_NeikiAnalytics
  • Size: 457KB
  • Sample: 240515-kc8wqshb65
  • MD5: aed07f00b67382027af544a03ae22ea0
  • SHA1: b984c64693f050d8d44b084b9da26442b7569630
  • SHA256: e926c75748a58a92966a499b1503c7d06205bc823dd21e0b7d6257d8d1eaf423
  • SHA512: 2e9839ccce890a99339b5587e8df4da06d20ba85de261730beba8ca4c301b716d97ab7c8cb01c504dc06d6ba574ad7bb20771a79600c20b9e7f3b36af5f908aa
  • SSDEEP: 6144:mY+32WWluqvHpVmXWEjFJRWci+WUd20rUU5EYCTvaBju4zh:dnWwvHpVmXpjJIUd2cUusvalxzh

Score: 10/10

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables use of System Restore points

    • Sets file execution options in registry

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks