General

  • Target

    8f6de4f265f6a4805215531b3f88dd90_NeikiAnalytics.exe

  • Size

    521KB

  • Sample

    240520-cxybqsga8t

  • MD5

    8f6de4f265f6a4805215531b3f88dd90

  • SHA1

    9f9091f272ea6499393a6abaf06d83e0be5b9052

  • SHA256

    141774eca9c4d74eaf7a2e617b5e92c8138c80fe49cf0aa388a4cc72a6739e02

  • SHA512

    364bdb2a2c8ea5114bd4c2cdb7428be6e4b8a93b21a583be7a9a48030ee0566b44e42350db6ad4487d34c4f3973b2eb4d86809177ff2e5f9f9b0b36775ab1a44

  • SSDEEP

    12288:HP0JHPs1gL5pRTcAkS/3hzN8qE43fm78V:4B5jcAkSYqyE

Score
10/10

Malware Config

Targets

    • Target

      8f6de4f265f6a4805215531b3f88dd90_NeikiAnalytics.exe

    • Modifies WinLogon for persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
