General

  • Target

    467b6c8c8584132cafbe3e1472a04eac60b9bb1104880da4068d2dfdf6729050_NeikiAnalytics.exe

  • Size

    60KB

  • Sample

    240627-d69lsszhlf

  • MD5

    ebf0d9731c70b80abc77a4d830e3de60

  • SHA1

    c76fc516ef597d944e66210da3815df0124f2281

  • SHA256

    467b6c8c8584132cafbe3e1472a04eac60b9bb1104880da4068d2dfdf6729050

  • SHA512

    7bb0d4fa8525d3296f56db1cac538b086d19e7dfb765fb7421e451e46ea862f5207076a832d060d8144781889518a65361e4f4ee134871f27f45516c4d67cc85

  • SSDEEP

    1536:puGkxchM9tt/qU1i/gcU8eVTOK/YqjYYamvbtbWb3vV:AFxQM9/z1i/NU82OMYcYYamv5bAt

Targets

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.

    • Drops file in System32 directory

    • Hide Artifacts: Hidden Files and Directories

MITRE ATT&CK Enterprise v15
