General

  • Target

    306b3930a69d6db8276fc9fb9c4da000_NeikiAnalytics.exe

  • Size

    480KB

  • Sample

    240519-y54z5sgb29

  • MD5

    306b3930a69d6db8276fc9fb9c4da000

  • SHA1

    2f62f09e8bca383537736fa777fc6442a00e293e

  • SHA256

    ea15c0d4a7d2c2dd02c61b8511a04465a8f88ec65c7f01f491a94b9c144bc5d2

  • SHA512

    7283a61e1b103915dd2e35cad265464bd7c5eb83291f13be88b3b44980989c4a1fe71bc1d2db9a3f523ed28129086a2dbd89a89794e8374d55b1d51931a19d41

  • SSDEEP

    6144:pjFRiOcXH6XWD0w1tizmtnktLJ6znvxNcCI+1jDIlnJ9+1aTEPTnOK4JKElDnT:nRDc3yWDNU+YUznzNjElWaT07NQtDT

Score
10/10

Targets

    • Target

      306b3930a69d6db8276fc9fb9c4da000_NeikiAnalytics.exe

    Score
    10/10
    • Modifies firewall policy service

    • Adds policy Run key to start application

    • Sets service image path in registry

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
