General

  • Target

    3a50ce1fdd93ae5fbc810c8d4cd9a3a0_NeikiAnalytics.exe

  • Size

    91KB

  • Sample

    240602-fhms8scc55

  • MD5

    3a50ce1fdd93ae5fbc810c8d4cd9a3a0

  • SHA1

    fb585d9b5a2e8cc49cd27995e26426f661201a31

  • SHA256

    0a8e8012c6e4d632b06494dc039465a057cdd756f897e5b093215e0b6031af5e

  • SHA512

    47da6bb1c7a4d3debf07b2c01f641dd1c56c0f43ffb68c0aceaa5d8c746bdf3d155e6df33df4e7f76f5cdc8d044566e5bd0ebb64a74727bff6fd7434ab205304

  • SSDEEP

    1536:kRsjd3GR2Dxy387Lnouy8VT8Rsjd3GR2Dxy387Lnouy8VTY:kOgUXoutN8OgUXoutNY

Score
10/10

Targets

    • Target

      3a50ce1fdd93ae5fbc810c8d4cd9a3a0_NeikiAnalytics.exe

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables RegEdit via registry modification

    • Disables use of System Restore points

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops file in System32 directory
