General

  • Target

    d558b479606b9f077db2e691bd467310_NeikiAnalytics

  • Size

    65KB

  • Sample

    240515-rbbm6scf51

  • MD5

    d558b479606b9f077db2e691bd467310

  • SHA1

    bf1dcbf9fea95ed1e3be586ef1cbfad0e7a317cf

  • SHA256

    31484b188f29309c6ac3ebdd5133721c1a51c65f7511f7f8d05a4ffcb2b7b0f7

  • SHA512

    3d058a6054c2685ed44b20dafaaf7a5e948735bd129b7b7da2ecbf877c9f323e6a8cc4db537e56c591024cc7356ed16e3621acc54e1c2733ea0d12201aa54e9b

  • SSDEEP

    768:jIUcOfjivF0qaipNRY8B8xSX5v8JgXYM9rnLE6z+A4xD8wyiHM+KCmuLN1jstlCe:jo2ip7Y8ASN8JMYmMQqMuXQnuMv

Malware Config

Targets

    • Target

      d558b479606b9f077db2e691bd467310_NeikiAnalytics

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks