General
-
Target
45fbbf99c54139e05fea3f219088c0b57d052e04de20c419aab0dfa269d7a9b6_NeikiAnalytics.exe
-
Size
413KB
-
Sample
240628-abr7gszdkb
-
MD5
4cc33c91c65020b138778745da6ff4d0
-
SHA1
abf61e0c6bf8e1862d8fd215c9713e853d7e4cb6
-
SHA256
45fbbf99c54139e05fea3f219088c0b57d052e04de20c419aab0dfa269d7a9b6
-
SHA512
84c364ff8dd0cac0da1563127931e92e21f92fdd9fbfaf741ad4efeac4e2321287256f83a911feb50e23ad13a6729d8e020694a43657046a62eddfd359b96cec
-
SSDEEP
3072:tu45knhZlO52+XgTTSjMSCeSkjrbuYVHburlnbKF444BY:o6kXlO5JXgTTSjTSOrl7urln2qY
Static task
static1
Behavioral task
behavioral1
Sample
45fbbf99c54139e05fea3f219088c0b57d052e04de20c419aab0dfa269d7a9b6_NeikiAnalytics.exe
Resource
win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
45fbbf99c54139e05fea3f219088c0b57d052e04de20c419aab0dfa269d7a9b6_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 1
Windows Service: 1
Defense Evasion
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 4
Disable or Modify System Firewall: 1
Disable or Modify Tools: 3
Modify Registry: 5