Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

617d5ef0d8...cs.exe

windows7-x64

10

617d5ef0d8...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    617d5ef0d85c23171e6efea7c51920b0_NeikiAnalytics.exe

  • Size

    53KB

  • Sample

    240524-wjxb3aed45

  • MD5

    617d5ef0d85c23171e6efea7c51920b0

  • SHA1

    f4e31de4a35f35f54f5d550904b8af0292f3f12a

  • SHA256

    685e88ec6cd41802c943dbd8021a107d09b81729fef259d1672123ad24d287d2

  • SHA512

    8af4039ff40fea93589a6c14fb401b2bf7f1c1c3b1fa0adf73bce4fa6101713c265961d14eee461239159114bcb76ea0f3274bcf20ed0f029d97760521b14658

  • SSDEEP

    1536:vN1g8r8Qc8eG2Nag07Kp3StjEMjmLM3ztDJWZsXy4JzxPMk:U8eG4X0JJjmLM3zRJWZsXy4Jt

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      617d5ef0d85c23171e6efea7c51920b0_NeikiAnalytics.exe

    • Size

      53KB

    • MD5

      617d5ef0d85c23171e6efea7c51920b0

    • SHA1

      f4e31de4a35f35f54f5d550904b8af0292f3f12a

    • SHA256

      685e88ec6cd41802c943dbd8021a107d09b81729fef259d1672123ad24d287d2

    • SHA512

      8af4039ff40fea93589a6c14fb401b2bf7f1c1c3b1fa0adf73bce4fa6101713c265961d14eee461239159114bcb76ea0f3274bcf20ed0f029d97760521b14658

    • SSDEEP

      1536:vN1g8r8Qc8eG2Nag07Kp3StjEMjmLM3ztDJWZsXy4JzxPMk:U8eG4X0JJjmLM3zRJWZsXy4Jt

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks