General
Target: 420f9d09781da5efa88c07bc6464c350_NeikiAnalytics
Size: 170KB
Sample: 240514-3djx4sdf2z
MD5: 420f9d09781da5efa88c07bc6464c350
SHA1: e484e30648fd498b28128ed8145e5164c80a1b8f
SHA256: 7e14114a882e13f10fc3dba19d4f70f4c804f34584fcd816e92ff54764b44fee
SHA512: ed1dcced5a5db08e0037570fd27482685c3e832383cf07a5bf80bd0bd703d0a82c4f5a60198324d477a7eb0445b9f474493b074fcbbfce9dd83d27aede6c37a9
SSDEEP: 3072:s/JpOm5axh63laEo+pXX1pQD2UCohD8mxLCj+5cmeDye42L712xrpdJ8xLeb7Ux:sBAm5oh63laEo+pXX1pkF8mxeq5+4m7D
Static task: static1
Behavioral task: behavioral1
  Sample: 420f9d09781da5efa88c07bc6464c350_NeikiAnalytics.exe
  Resource: win7-20240419-en
Behavioral task: behavioral2
  Sample: 420f9d09781da5efa88c07bc6464c350_NeikiAnalytics.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 420f9d09781da5efa88c07bc6464c350_NeikiAnalytics
Score: 7/10
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
Drops file in System32 directory