Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
08a09158b799ec0798be26fff576bf70_NeikiAnalytics.exe
-
Size
66KB
-
Sample
240606-x3l6waag4v
-
MD5
08a09158b799ec0798be26fff576bf70
-
SHA1
f072dd81838804709916d3487dd24ec663978139
-
SHA256
7de2c19c7ee99b48e19d48e04f95efc542e06fdb284a4f3f7eb51e5fabcd594e
-
SHA512
4dacfc088bdc9409d0c0804b2f8d0d780244aa53a50dfd5596e78fc806c3c6491d7987a7df3cd8ffa7ad583c125a5d016ddda8ad75f70285ea80297f19671758
-
SSDEEP
1536:EHfetdklPp+07gDSrB8Xru2zGeJxgawTzpXzrDJrXi6:IeklMMYJhqezw/pXzH9i6
Static task
static1
Behavioral task
behavioral1
Sample
08a09158b799ec0798be26fff576bf70_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
08a09158b799ec0798be26fff576bf70_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
08a09158b799ec0798be26fff576bf70_NeikiAnalytics.exe
-
Size
66KB
-
MD5
08a09158b799ec0798be26fff576bf70
-
SHA1
f072dd81838804709916d3487dd24ec663978139
-
SHA256
7de2c19c7ee99b48e19d48e04f95efc542e06fdb284a4f3f7eb51e5fabcd594e
-
SHA512
4dacfc088bdc9409d0c0804b2f8d0d780244aa53a50dfd5596e78fc806c3c6491d7987a7df3cd8ffa7ad583c125a5d016ddda8ad75f70285ea80297f19671758
-
SSDEEP
1536:EHfetdklPp+07gDSrB8Xru2zGeJxgawTzpXzrDJrXi6:IeklMMYJhqezw/pXzH9i6
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1