General

  • Target

    1358c07f8081642a297f6d21f44e1d50_NeikiAnalytics.exe

  • Size

    330KB

  • Sample

    240526-txnwqsdd53

  • MD5

    1358c07f8081642a297f6d21f44e1d50

  • SHA1

    cab99dfb10ddedb53372799e3ef6e96dbc954795

  • SHA256

    d6d9556cb59f0767417c9df86e0e82a6617908cc8569c851959073643123b19b

  • SHA512

    8d435c1154496932361cac8efbf5c7c75373967e0a89de465e9b7cd0e74526d6303eb57096d0693d38fd0165a5373f8018caf336c528a21d8f6d6beee6dc18b8

  • SSDEEP

    3072:e53mQjJtnP5I09qgmBBAWgjSvwFV7dbp3mM4eeJrDFb4s:emeJtna2qgmBNgQwN1uJHFMs

Score
10/10
upx

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    onthelinux
  • Password:
    741852abc

Targets

    • Target

      1358c07f8081642a297f6d21f44e1d50_NeikiAnalytics.exe

    Score
    10/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
