General

  • Target

    4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics

  • Size

    1.3MB

  • Sample

    240510-clp6zsgb59

  • MD5

    4819fbb18a971f4664a4e7cab074ca40

  • SHA1

    b5009e079309574cc2117eb30bd7c437b88a56c0

  • SHA256

    069545197966bde77c906238e6f4f96a681201704e4b4c80a4d460911ada2f51

  • SHA512

    9410204591f5225bbae08038c28fe8f1af485f3414d257c1f7c9915bb7b95cc7152f05a84f54fdc7fa88b0d034b68d1fdc2cfce25eb9e39a130580ff6bd53844

  • SSDEEP

    24576:oW18pU5RzwL4v7ZfdmGWirSvsqy2B73zmGE0Djnuxn3fAG4+Rwb1Hgs:V1r5t7mGTAXdY2u93IG4+RwJN

Targets

    • Target

      4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
