Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1793ac36017222a1fd774af947202d00_NeikiAnalytics.exe
-
Size
148KB
-
Sample
240525-csph2abb9t
-
MD5
1793ac36017222a1fd774af947202d00
-
SHA1
f25d63ab8d9a04feb00706d53b407b85b1e966ff
-
SHA256
cd7825d52cdb1f275c3b24be99fddc66f774984737aa18295d84864722583e0c
-
SHA512
266edae9fabe6e8316a4b9ba7bef61e104bfea8fa75d010d1e296329eb12cec78a20c29cf0100d68af12a660d2163d08bd4ff86d26daebf1975bc599086b0c2c
-
SSDEEP
1536:nrel3XWo2VxyMcCbncBVZWX5HzvCxGYCBbxTNyThXPW:rC3XWoixXDncBV4X5HzKxGYCzTNyTJW
Malware Config
Targets
-
-
Target
1793ac36017222a1fd774af947202d00_NeikiAnalytics.exe
-
Size
148KB
-
MD5
1793ac36017222a1fd774af947202d00
-
SHA1
f25d63ab8d9a04feb00706d53b407b85b1e966ff
-
SHA256
cd7825d52cdb1f275c3b24be99fddc66f774984737aa18295d84864722583e0c
-
SHA512
266edae9fabe6e8316a4b9ba7bef61e104bfea8fa75d010d1e296329eb12cec78a20c29cf0100d68af12a660d2163d08bd4ff86d26daebf1975bc599086b0c2c
-
SSDEEP
1536:nrel3XWo2VxyMcCbncBVZWX5HzvCxGYCBbxTNyThXPW:rC3XWoixXDncBV4X5HzKxGYCzTNyTJW
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Drops file in Drivers directory
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1