General

  • Target

    c0d0c5232ab474d77a071f2526ad7350_NeikiAnalytics

  • Size

    1.4MB

  • Sample

    240513-wvlppshc64

  • MD5

    c0d0c5232ab474d77a071f2526ad7350

  • SHA1

    ba1ffb993c9fadbae4a15be5ce9e33bb72189acb

  • SHA256

    f18e3d450c17050837555716f7953491eae1cec4622262b84118660571c631e9

  • SHA512

    4424b70d7cc081157101002a0f92690d4b0e48f038190c69c544f9d318a2dfa58352ad2e17a417c7f4129cdb731876f5108cee938c90d9c6bfdf825ba773f73e

  • SSDEEP

    24576:VInO0uV8y5HRpxeMQSJ0yAFJSbHHYchBzj3M8amWsOhSxBP5m:Vl8sH5ambnj33MnmWsOhw5m

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
