General

  • Target

    3abd05cfdb8cd529b9b31dde1719f8f0_NeikiAnalytics.exe

  • Size

    66KB

  • Sample

    240528-j8cyhadd68

  • MD5

    3abd05cfdb8cd529b9b31dde1719f8f0

  • SHA1

    f66e887f0a6c0cbc2ce56cce1d017300f7e9d44f

  • SHA256

    b88342ddb0238f9bd7f39971baaf9a086cf5cbf8abf72d1eec78170046c33b7a

  • SHA512

    78351a8d7e30b9259577c36f975de1ac43c02894170c8fa22be6ec468bbd65b7af5d0579a27e61a64c28ffdbe02f11f8180da7f220bf41fe919a6d1a7482c25d

  • SSDEEP

    1536:EHfetdklPp+07gDSrB8Xru2zGeJxgawTzpXzrDJrXiH:IeklMMYJhqezw/pXzH9iH

Targets

    • Target

      3abd05cfdb8cd529b9b31dde1719f8f0_NeikiAnalytics.exe

    • Size

      66KB

    • MD5

      3abd05cfdb8cd529b9b31dde1719f8f0

    • SHA1

      f66e887f0a6c0cbc2ce56cce1d017300f7e9d44f

    • SHA256

      b88342ddb0238f9bd7f39971baaf9a086cf5cbf8abf72d1eec78170046c33b7a

    • SHA512

      78351a8d7e30b9259577c36f975de1ac43c02894170c8fa22be6ec468bbd65b7af5d0579a27e61a64c28ffdbe02f11f8180da7f220bf41fe919a6d1a7482c25d

    • SSDEEP

      1536:EHfetdklPp+07gDSrB8Xru2zGeJxgawTzpXzrDJrXiH:IeklMMYJhqezw/pXzH9iH

    • Detects BazaLoader malware

      BazaLoader is a trojan that transmits logs to the Command and Control (C2) server, encoding them in BASE64 format through GET requests.

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
