General

  • Target

    e877518128cf87d1ba0331e86fae93c0_NeikiAnalytics

  • Size

    73KB

  • Sample

    240509-yzd7jafd69

  • MD5

    e877518128cf87d1ba0331e86fae93c0

  • SHA1

    e6636ce3d518aa5bd1917be328a9dab032fcedb4

  • SHA256

    9e8123b7355aece1c48ad55899c17f0fd78aca0b877148f2895241a4776e8852

  • SHA512

    af597456020183a9d4bc37acbdbddf2dc6d68b9a65ae6966ad97d5a151a36bbf252a3bf4c65ef578ddf0ac479e41342e4cc3817e52bef7876218fa434d1aa35f

  • SSDEEP

    1536:gjIewPQsrz8haFpmqr76/Y3WLptb4yzwC132n6sLDDO:gjIpPN8QFda/2Yb4yzjsLXO

Score
7/10

Malware Config

Targets

    • Target

      e877518128cf87d1ba0331e86fae93c0_NeikiAnalytics

    Score
    7/10
    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
