General

  • Target

    ad827a5cf1127f1cfb3af8ba55cc4de570404ee0a81edb74789788761c5e1f81_NeikiAnalytics.exe

  • Size

    3.1MB

  • Sample

    240629-qstdwa1frl

  • MD5

    559392040209af04b36cb0c79cbaed20

  • SHA1

    74ba5cc83f04f1752ae1068310d5a00a99e43741

  • SHA256

    ad827a5cf1127f1cfb3af8ba55cc4de570404ee0a81edb74789788761c5e1f81

  • SHA512

    a29fb8e075bbe03e390a85172245fa356c5a9f4228e28357d4af98756c5ab419a80e6f437aac33ff33c4d99416ad8cf2161dd4bd90dd18ed3e37c15c0034dc62

  • SSDEEP

    49152:ZUuBTOjZwS1Ihk+hy7iHuaRZnt+NTNLiG97d:ZXRO0hkr2Rxt+eE

Targets

    • Target

      ad827a5cf1127f1cfb3af8ba55cc4de570404ee0a81edb74789788761c5e1f81_NeikiAnalytics.exe

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • UAC bypass

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks whether UAC is enabled
