General

  • Target

    adcd3bd5c6b1a479db5af9138a9a6980_NeikiAnalytics.exe

  • Size

    63KB

  • Sample

    240517-fmjx5sad21

  • MD5

    adcd3bd5c6b1a479db5af9138a9a6980

  • SHA1

    1db9197b52e23d51b594ea04baf89166b94e8eef

  • SHA256

    7c93ceb712e21f475f5f1177f486134a68c93b1b225355522df64415cbd7942a

  • SHA512

    7539c62475b29c7cac1ae4cd201b021e5f44c5ee26a69e1ca2be81518377c2ae9cd9c03045dc8d18ad9e06cb3258851450a3acdcc605fc510bc9514bebcdba0d

  • SSDEEP

    768:rAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGKQLddOW/24WvgMb7rAY:sUNHFKQbIkHvGMdOp4Zu7MY

Targets

    • Target

      adcd3bd5c6b1a479db5af9138a9a6980_NeikiAnalytics.exe

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory
