General
Target: ad827a5cf1127f1cfb3af8ba55cc4de570404ee0a81edb74789788761c5e1f81_NeikiAnalytics.exe
Size: 3.1MB
Sample: 240629-qstdwa1frl
MD5: 559392040209af04b36cb0c79cbaed20
SHA1: 74ba5cc83f04f1752ae1068310d5a00a99e43741
SHA256: ad827a5cf1127f1cfb3af8ba55cc4de570404ee0a81edb74789788761c5e1f81
SHA512: a29fb8e075bbe03e390a85172245fa356c5a9f4228e28357d4af98756c5ab419a80e6f437aac33ff33c4d99416ad8cf2161dd4bd90dd18ed3e37c15c0034dc62
SSDEEP: 49152:ZUuBTOjZwS1Ihk+hy7iHuaRZnt+NTNLiG97d:ZXRO0hkr2Rxt+eE
Static task: static1
Behavioral task: behavioral1
  Sample: ad827a5cf1127f1cfb3af8ba55cc4de570404ee0a81edb74789788761c5e1f81_NeikiAnalytics.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: ad827a5cf1127f1cfb3af8ba55cc4de570404ee0a81edb74789788761c5e1f81_NeikiAnalytics.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Loads dropped DLL
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Boot or Logon Autostart Execution (1)
    Winlogon Helper DLL (1)