General

  • Target

    0dada09dae32a7793929e47c60da2310_NeikiAnalytics.exe

  • Size

    352KB

  • Sample

    240606-nlzk7sed99

  • MD5

    0dada09dae32a7793929e47c60da2310

  • SHA1

    5b2d08a3375484138887bceddc6646799717a7e9

  • SHA256

    737ced1201360a098686aba2d4e10df2367a0eb14df80286d131649be8272c41

  • SHA512

    ae4ab3b21a3b7b2525dc91b625108153bb59aa4024115ad473624a10eaf94d9dbd386e714ece1bca53452c177e15b47ad521da313b5993589916b955145930f2

  • SSDEEP

    6144:vIGEnprZkRs38t54c6rzNdfzIGEnprZkRs38t54c6rzNdf/:vxEnAR934fxEnAR934L

Score
10/10

Malware Config

Targets

    • Target

      0dada09dae32a7793929e47c60da2310_NeikiAnalytics.exe

    Score
    10/10
    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables use of System Restore points

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks