Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

6e2ba3dfe6...cs.exe

windows7-x64

7

6e2ba3dfe6...cs.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6e2ba3dfe684da984f3d447a89fe476bef13b270a3077b2fd64bb02a2d87c5c4_NeikiAnalytics.exe

  • Size

    134KB

  • Sample

    240629-gdpmpssbmg

  • MD5

    4058f8a1aae0b2081ab7a5c75fa48250

  • SHA1

    1e5a40d2b4babe4d37bd33b30fe58596f61df074

  • SHA256

    6e2ba3dfe684da984f3d447a89fe476bef13b270a3077b2fd64bb02a2d87c5c4

  • SHA512

    01eea9707bda67405ceff24349056ea05060e9139b6da1d0f1fe8a0be727d40d22dd6de14220298f6fc89df474a2dc86a0a2642fee36b34ba80fbd18d44f13aa

  • SSDEEP

    1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOJ:YfU/WF6QMauSuiWNi9eNOl0007NZIOJ

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      6e2ba3dfe684da984f3d447a89fe476bef13b270a3077b2fd64bb02a2d87c5c4_NeikiAnalytics.exe

    • Size

      134KB

    • MD5

      4058f8a1aae0b2081ab7a5c75fa48250

    • SHA1

      1e5a40d2b4babe4d37bd33b30fe58596f61df074

    • SHA256

      6e2ba3dfe684da984f3d447a89fe476bef13b270a3077b2fd64bb02a2d87c5c4

    • SHA512

      01eea9707bda67405ceff24349056ea05060e9139b6da1d0f1fe8a0be727d40d22dd6de14220298f6fc89df474a2dc86a0a2642fee36b34ba80fbd18d44f13aa

    • SSDEEP

      1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOJ:YfU/WF6QMauSuiWNi9eNOl0007NZIOJ

    Score
    7/10
    persistenceupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks