General

  • Target

    64e2baf26e17b75f52f7fe63a01e8140_NeikiAnalytics

  • Size

    694KB

  • Sample

    240515-cw99xadc84

  • MD5

    64e2baf26e17b75f52f7fe63a01e8140

  • SHA1

    111c420078f607a9d961a7b134d3217179c6331c

  • SHA256

    e54a83e1f7af39a68944b2c2b800c0b6d0efb3747a105c75d903e14df3c6fe79

  • SHA512

    2941e3bad66d8d46a6fbc4e1822ae30fe1d8efc83fb9917a0fb32dc162be2cbe378fba7e4c4b465f3c3b8128790d46121c0e5d66fbac405913bceecf41b3ce29

  • SSDEEP

    12288:ndQEshonKOU8B33ZxvqSEcJLCcbg7ZXMxuRJQ81jlDbfoHMaTqv8BIYlc70Xz:kKn5U8N3nEcNxEZcCQ81jlgHFTzHKy

Targets

    • Target

      64e2baf26e17b75f52f7fe63a01e8140_NeikiAnalytics

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
