General
Target: 1e63211cb2505503947837110fe0e38007fd26f1430dcc86be48560dfaf80d4f_NeikiAnalytics.exe
Size: 120KB
Sample: 240630-17qxea1ank
MD5: 7144b38532c87843b7f66325935cf410
SHA1: b9c8faff7e2991498dfad842abd0b66e16a1ef01
SHA256: 1e63211cb2505503947837110fe0e38007fd26f1430dcc86be48560dfaf80d4f
SHA512: 5ae28fe7340445f729ea468d750994b916d568666d90fe32ac538e6edb54839a1e68e87ff1bf2466c9d83d2f38b412b7c9cbdfce134165fe6c4289053900e95c
SSDEEP: 3072:HP4/LEiEUW01B4vmphKuLJuRfCnLJ+fzsTFO:v4/AiEURBWmf9mfCnLJ+fzs
Static task: static1
Behavioral task: behavioral1
Sample: 1e63211cb2505503947837110fe0e38007fd26f1430dcc86be48560dfaf80d4f_NeikiAnalytics.dll
Resource: win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
1e63211cb2505503947837110fe0e38007fd26f1430dcc86be48560dfaf80d4f_NeikiAnalytics.exe
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)
Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (4)
Disable or Modify System Firewall (1)
Disable or Modify Tools (3)
Modify Registry (5)