General

  • Target

    15ff4aa32eae43f2bf88f7a572a673e0_NeikiAnalytics.exe

  • Size

    22KB

  • Sample

    240516-xm8d6sbc82

  • MD5

    15ff4aa32eae43f2bf88f7a572a673e0

  • SHA1

    869f94e43b07534094539733d5cf1ff928815d43

  • SHA256

    d50aeae6cf22c2936bc38b90a149f615e00716f67a5159fac08f6da273ca003f

  • SHA512

    b969cee948a2d85fae241484678d57416136fa78764ef60ff14f02853eb12382d80ea126e3904c258c31f2237f1a2e152f227c952457b161aa27a451432578d1

  • SSDEEP

    384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX+N06nlk:rRkiLw3HsDSARGG/ON0qk

Targets

    • Target

      15ff4aa32eae43f2bf88f7a572a673e0_NeikiAnalytics.exe

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory
