General

  • Target

    d31b98ad5560539321db2fde75909440_NeikiAnalytics

  • Size

    301KB

  • Sample

    240510-nn4ypsbh6v

  • MD5

    d31b98ad5560539321db2fde75909440

  • SHA1

    a6595d31b574375a8565424215c04527d04abfd5

  • SHA256

    272e6de92fe69d0c320e51e4323767eb687eb81b7f16e6d2e04cb849264a89a3

  • SHA512

    6f6c51758e18ec578493531967a763ac0acb8fbca96779eb8d411442a4b4c540e600bd36a94c8ea1f236530682ca582e7ce277c9dc5f1ee2b95e9724164dee7c

  • SSDEEP

    6144:k9BJ8mzGdsyJMGkLk5kLk7djgc9cUJwtG6DFaZLOL4oXLHdjgc9cUJwtG6DFaZL2:iJ8CFdYdjgc9cUJwtG6DFaZLOL4o7djq

Malware Config

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

MITRE ATT&CK Enterprise v15

Tasks
