Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9dcb6d48ac9e9d78af6cd6818951f180_NeikiAnalytics.exe
-
Size
65KB
-
Sample
240614-dqy55axbjm
-
MD5
9dcb6d48ac9e9d78af6cd6818951f180
-
SHA1
0cd44b249fb9b48da51e464e6ddf07b8cf32d175
-
SHA256
7bfa16f4687747816f1e6c6e08404e8cdab82f13c9daa99e8d0c390f43b545de
-
SHA512
c0dc7d217219905cebd6561fda3be1ef56c29c7f472bd1207c8c93825f8cbc4a0b8e982137150548d224bf36d23d73cf59eddbe090bfced799b5c1623a95578a
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/Ouf:7WNqkOJWmo1HpM0MkTUmuf
Malware Config
Targets
-
-
Target
9dcb6d48ac9e9d78af6cd6818951f180_NeikiAnalytics.exe
-
Size
65KB
-
MD5
9dcb6d48ac9e9d78af6cd6818951f180
-
SHA1
0cd44b249fb9b48da51e464e6ddf07b8cf32d175
-
SHA256
7bfa16f4687747816f1e6c6e08404e8cdab82f13c9daa99e8d0c390f43b545de
-
SHA512
c0dc7d217219905cebd6561fda3be1ef56c29c7f472bd1207c8c93825f8cbc4a0b8e982137150548d224bf36d23d73cf59eddbe090bfced799b5c1623a95578a
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/Ouf:7WNqkOJWmo1HpM0MkTUmuf
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1