Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

9b2a6fe00e...cs.exe

windows7-x64

3

9b2a6fe00e...cs.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...sc.dll

windows7-x64

3

$PLUGINSDI...sc.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

BC DP Mete...l.html

windows7-x64

1

BC DP Mete...l.html

windows10-2004-x64

1

BC DP Mete...o).dll

windows7-x64

1

BC DP Mete...o).dll

windows10-2004-x64

1

BC DP Mete...l.html

windows7-x64

1

BC DP Mete...l.html

windows10-2004-x64

1

BC DP Mete...l.html

windows7-x64

1

BC DP Mete...l.html

windows10-2004-x64

1

BlueCatDPM...st.exe

windows7-x64

6

BlueCatDPM...st.exe

windows10-2004-x64

6

$TEMP/vcre...7}.msi

windows7-x64

6

$TEMP/vcre...7}.msi

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9b2a6fe00e3443378c0a5aad4b69966ee66535645c0493479a683f58a8df7fbf_NeikiAnalytics.exe

  • Size

    4.8MB

  • Sample

    240628-q9am4atajb

  • MD5

    2c25948889f2b0aa59f0573996c7bfa0

  • SHA1

    3f5a90a6167d320a4039a33c7e8e8120cb4212d8

  • SHA256

    9b2a6fe00e3443378c0a5aad4b69966ee66535645c0493479a683f58a8df7fbf

  • SHA512

    7e0d1baa417d79ae9f2a9b75aed521bf68ddae7aa601706b5725ff5e93e597d259825faf794cdffc0936ace33796d0b67f11b56b72712f709054e5e254812164

  • SSDEEP

    98304:2ZxQIKn8pRLe2QTy1V1HnrBOMeLmpbHZlReyirO14suq+ng9sFPyXM+Zr14zq:2bRKAJbOybNnM85l8yJpkQOqXF0q

Score
6/10
persistenceprivilege_escalation

Malware Config

Targets

    • Target

      9b2a6fe00e3443378c0a5aad4b69966ee66535645c0493479a683f58a8df7fbf_NeikiAnalytics.exe

    • Size

      4.8MB

    • MD5

      2c25948889f2b0aa59f0573996c7bfa0

    • SHA1

      3f5a90a6167d320a4039a33c7e8e8120cb4212d8

    • SHA256

      9b2a6fe00e3443378c0a5aad4b69966ee66535645c0493479a683f58a8df7fbf

    • SHA512

      7e0d1baa417d79ae9f2a9b75aed521bf68ddae7aa601706b5725ff5e93e597d259825faf794cdffc0936ace33796d0b67f11b56b72712f709054e5e254812164

    • SSDEEP

      98304:2ZxQIKn8pRLe2QTy1V1HnrBOMeLmpbHZlReyirO14suq+ng9sFPyXM+Zr14zq:2bRKAJbOybNnM85l8yJpkQOqXF0q

    Score
    3/10
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/cpudesc.dll

    • Size

      4KB

    • MD5

      d25102051b33f61c9f7fb564a4556219

    • SHA1

      c683964c11d5175171bd009cb08f87592c923f85

    • SHA256

      e58e5d1d8da2ea526d0d754b4faad3773021166b0720723efb7b30f1f5075398

    • SHA512

      8828eec31926251d7e51b5bf1050c3519c9b7fca4f978fb6ee0bf18f9642c3460687f10ff79e5892100ecadbf49725711567c348e1dfccb3644bd9ef992a92f0

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      c10e04dd4ad4277d5adc951bb331c777

    • SHA1

      b1e30808198a3ae6d6d1cca62df8893dc2a7ad43

    • SHA256

      e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a

    • SHA512

      853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e

    • SSDEEP

      96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420

    Score
    3/10
    behavioral7behavioral8

    • Target

      BC DP Meter Pro 4 VST(Mono) data/manual.pdf

    • Size

      533B

    • MD5

      cac57a516e3813807565cda6ec213f8b

    • SHA1

      22140cbab624b25a811b668e6f4917d901571def

    • SHA256

      2b105bd704f3c804f391537c567e406be9fdcc895b9f5ab86ceb47ec4ec652ea

    • SHA512

      383c16bd43cd88b2fa3cbe48f5711d8d88a43d19d986acddab7257da2f3f3cdcf09e541826874d210c6f8fa0e0a4d7613eea5aa88d84c314dd477928870fd72b

    Score
    1/10
    behavioral10behavioral9

    • Target

      BC DP Meter Pro 4 VST(Mono).dll

    • Size

      6.3MB

    • MD5

      6bba989190fb3dece8c280bc376e72ba

    • SHA1

      3b99c0bac0447917c08a2403e2f73dcbd6af291f

    • SHA256

      d29e14ab72d062e9a7acf94fdb82f8410aa1b67e0c1e7f05d6377f4cf86788b9

    • SHA512

      16cc8bdeb7039ce8c9f8d323be85a2c4146080a1ac48a1396c4c70f41297efd0fadf3c28df92cb01054e0f4674db9c9b833724e23d1a289b75301b50310759c6

    • SSDEEP

      98304:+SDBerZ8MyLpGfdjnY17O3CMNHmIEAbDG8S:+QBerKMyFGFgMkIEAeN

    Score
    1/10
    behavioral11behavioral12

    • Target

      BC DP Meter Pro 4 VST(Srnd) data/manual.pdf

    • Size

      533B

    • MD5

      cac57a516e3813807565cda6ec213f8b

    • SHA1

      22140cbab624b25a811b668e6f4917d901571def

    • SHA256

      2b105bd704f3c804f391537c567e406be9fdcc895b9f5ab86ceb47ec4ec652ea

    • SHA512

      383c16bd43cd88b2fa3cbe48f5711d8d88a43d19d986acddab7257da2f3f3cdcf09e541826874d210c6f8fa0e0a4d7613eea5aa88d84c314dd477928870fd72b

    Score
    1/10
    behavioral13behavioral14

    • Target

      BC DP Meter Pro 4 VST(Stereo) data/manual.pdf

    • Size

      533B

    • MD5

      cac57a516e3813807565cda6ec213f8b

    • SHA1

      22140cbab624b25a811b668e6f4917d901571def

    • SHA256

      2b105bd704f3c804f391537c567e406be9fdcc895b9f5ab86ceb47ec4ec652ea

    • SHA512

      383c16bd43cd88b2fa3cbe48f5711d8d88a43d19d986acddab7257da2f3f3cdcf09e541826874d210c6f8fa0e0a4d7613eea5aa88d84c314dd477928870fd72b

    Score
    1/10
    behavioral15behavioral16

    • Target

      BlueCatDPMeterPro_vcredist.exe

    • Size

      769KB

    • MD5

      c6cefeab592fd289a71b1891e920fbdc

    • SHA1

      99a15aee36176de11e70fae62392efb0089e838e

    • SHA256

      ed8bf8887a46f032e078d46399eba8433e6f7cf3f39b10aacfd43e398bc385dd

    • SHA512

      f8039b20d64ead941b88efc9c5e79fb9ee143de9aa466f1a01476089ef91cc4ddf25fadad856834d77db9b3dfdcb84d469a823eae47deef099ee1cf59f7e7b9b

    • SSDEEP

      24576:71Qr0sqpWXL1Falk+XgQnDUo1uJ60A/iL8Kff3/Vx:RQr0NEpIlkDQnDUoU8YLbfvNx

    Score
    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral17behavioral18

    • Target

      $TEMP/vcredist-x86.11.0.61030-{1614CF08-F55E-44A6-977E-1E96E55946B7}.msi

    • Size

      801KB

    • MD5

      0f80620eba4bca47cc196665d07bfba7

    • SHA1

      b51a2dd24f62cf31be222c71d58a9a1f2136c11d

    • SHA256

      4f4e936713e75d9b1685adada22bd329ce04238d2d5f3a90df40f6c4cdafa5e5

    • SHA512

      6f758a5a38748d8ab90e0f7888ca4ccd927a9f78392f25ec6741e202f42513a28d95671a04111d7478c843df416888be75ebf224e8eeaea1b5239ca3961854b9

    • SSDEEP

      12288:OVyBtbS3GrW6QcPE3CpkfMbHTGBZ909E+NgNgpqO6meIfkbNXLP2rgey:OVyBFRPTpXbzQZIZo8B6meIfQNXr

    Score
    6/10
    persistenceprivilege_escalation

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral19behavioral20

MITRE ATT&CK Enterprise v15

Tasks