General

  • Target

    2fe1f7f7483896f0544b19dfe7969490_NeikiAnalytics.exe

  • Size

    191KB

  • Sample

    240519-y4vebagb6s

  • MD5

    2fe1f7f7483896f0544b19dfe7969490

  • SHA1

    a2e8211d41017453a6e7623af36d26019692d402

  • SHA256

    b186f549a48bf83d51b27e3ca265d31f6a46a4e1d91a0cac0b5bc867c06e39bb

  • SHA512

    e23f44e8b6f73f0acbe86b87039c8ef86bb118d7ca3402f4494ace74d520c5ffc9de3059f9494e324cac980b3162f87cdce6dbae2dc38044475cdacecb2b85cb

  • SSDEEP

    3072:2AKEsYqqjfipJWYpWJZfGXFxUYyaJC6sOMD5Qjj9jRMKSlJ8subptbbG+X:NKE+qjfipJWYpWJZfGXFRJJRsOM9+j5L

Score
7/10

Targets

    • Target

      2fe1f7f7483896f0544b19dfe7969490_NeikiAnalytics.exe

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
