Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
72968fdb09684a974911f1733360ae10_NeikiAnalytics
-
Size
641KB
-
Sample
240511-ebn72sec67
-
MD5
72968fdb09684a974911f1733360ae10
-
SHA1
ad962f0016697c1edf8305705258a217c1ea0793
-
SHA256
7dbb0e4abb6f90db1f7940f6e4a34eec417a53a9dd30d0bee2b7693648646cd5
-
SHA512
a3bedfbdbe0b5d3731af54d96b7bf87a09d012eb919b99c65b404c40b55b7f042fa728fd160878ba8fdc8b521f9d6fe30d41005da3d835d8e1bbfd7e5737e366
-
SSDEEP
12288:dXCNi9BeWxUxvzq/B7lWEmUfR1o7sDe+H0bXs9payABFmHm/Qs:oWeWG+VlxRfHAsDMbXKAbmHmIs
Malware Config
Targets
-
-
Target
72968fdb09684a974911f1733360ae10_NeikiAnalytics
-
Size
641KB
-
MD5
72968fdb09684a974911f1733360ae10
-
SHA1
ad962f0016697c1edf8305705258a217c1ea0793
-
SHA256
7dbb0e4abb6f90db1f7940f6e4a34eec417a53a9dd30d0bee2b7693648646cd5
-
SHA512
a3bedfbdbe0b5d3731af54d96b7bf87a09d012eb919b99c65b404c40b55b7f042fa728fd160878ba8fdc8b521f9d6fe30d41005da3d835d8e1bbfd7e5737e366
-
SSDEEP
12288:dXCNi9BeWxUxvzq/B7lWEmUfR1o7sDe+H0bXs9payABFmHm/Qs:oWeWG+VlxRfHAsDMbXKAbmHmIs
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-