Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

d90f7a8f32...cs.exe

windows7-x64

10

d90f7a8f32...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d90f7a8f324b5066c91e22253ee5b650_NeikiAnalytics.exe

  • Size

    211KB

  • Sample

    240526-ymcsyaag87

  • MD5

    d90f7a8f324b5066c91e22253ee5b650

  • SHA1

    21fd4bdf7c9e43cd7843456c5d5ed0c7ec69fa12

  • SHA256

    f6397e60575b7cbf356aefe51a043c7e711d577cbfa30e9f47ac890ae29af46f

  • SHA512

    e9ef2d384a0b6b605e40f77f015f2afbe12a6218a0b985abf6b4a126354711ebdf742ceedb771f0b611e91faea6df022b99f5b6bfebd64062b25c4d535298118

  • SSDEEP

    3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOy:Jh8cBzHLRMpZ4d1Zy

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      d90f7a8f324b5066c91e22253ee5b650_NeikiAnalytics.exe

    • Size

      211KB

    • MD5

      d90f7a8f324b5066c91e22253ee5b650

    • SHA1

      21fd4bdf7c9e43cd7843456c5d5ed0c7ec69fa12

    • SHA256

      f6397e60575b7cbf356aefe51a043c7e711d577cbfa30e9f47ac890ae29af46f

    • SHA512

      e9ef2d384a0b6b605e40f77f015f2afbe12a6218a0b985abf6b4a126354711ebdf742ceedb771f0b611e91faea6df022b99f5b6bfebd64062b25c4d535298118

    • SSDEEP

      3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOy:Jh8cBzHLRMpZ4d1Zy

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Modifies Installed Components in the registry

      persistence

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks