General

  • Target

    56185c7ff9fe82048b7268875dc59fa0_NeikiAnalytics.exe

  • Size

    352KB

  • Sample

    240529-z8yszaba86

  • MD5

    56185c7ff9fe82048b7268875dc59fa0

  • SHA1

    4ccafa612274d1267689d8da4771bfc5a56cfb7d

  • SHA256

    4d02eef5a2923708b227fa39a3f397078e0a42f5a3bae71df65bfb2bdd4249cb

  • SHA512

    7bde3d576a13bdd5782c22277baf2ebfc33e81c439fe0b26c4c089faa8f40b83516394fd2cdd951ff6f836c1caeeb6b2046d2c28adfa9d0801aaadca201ee41b

  • SSDEEP

    6144:vIGEnprZkRs38t54c6rzNdfTIGEnprZkRs38t54c6rzNdfH:vxEnAR934PxEnAR934D

Score
10/10

Malware Config

Targets

    Score
    10/10
    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables use of System Restore points

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Drops file in System32 directory
