General
-
Target
3cda9764b7cd852fcf15d8a651616fb0_NeikiAnalytics
-
Size
289KB
-
Sample
240510-bw9spsah81
-
MD5
3cda9764b7cd852fcf15d8a651616fb0
-
SHA1
240de2f314a26498f8fd5f00189cee2701ba26cf
-
SHA256
995aa51181c31ff58250db3d1e72983ec8f56986a1f08ebfbe0ddd983a3db8e0
-
SHA512
e49a3c7f4cb5b8f0defbdc8c90714ca526d35cb060fd7db4c1fe16d3ebe6702c6c76f373cf26e5827f53480a5971a4d2a84ac5d37dd61a6bcacb75495f41fa38
-
SSDEEP
6144:96xwSR5NtUIJEWyXuew+q1l0d2Js6H5/TZkKI:9A3NtUISdPw+Elq2Jsm2J
Static task
static1
Behavioral task
behavioral1
Sample
3cda9764b7cd852fcf15d8a651616fb0_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
218.54.31.226
218.54.31.165
Targets
-
-
Target
3cda9764b7cd852fcf15d8a651616fb0_NeikiAnalytics
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-