General

  • Target

    282e253d2f3e75c3d3f7432a2381c070_NeikiAnalytics

  • Size

    1.1MB

  • Sample

    240510-vftakaah68

  • MD5

    282e253d2f3e75c3d3f7432a2381c070

  • SHA1

    6e10e5e49cea4be9adb35635d99191ad32f1aaa2

  • SHA256

    b171825929438d386ecc33a7817ae3dab7b082c33aec3dc72cc1e27c14270990

  • SHA512

    eda5cacb9987dd378d9902ea7ea45a66be493ff08fb8a6d7a35dbc4d6c698776d5051abe6a1bc14d43a1e83944259858592b2cf1db6b450a6994b8eb6d8684c1

  • SSDEEP

    24576:JB8rcLicZHZzgsszAmIpVsm0mCo4XUEH3vfsCqYeZxl6:PPZisskhym0m7EH/flqYKH6

Targets

    • Target

      282e253d2f3e75c3d3f7432a2381c070_NeikiAnalytics

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
