General

  • Target

    7676224647523db2404eb4b86a4af860_NeikiAnalytics

  • Size

    284KB

  • Sample

    240515-eh934age29

  • MD5

    7676224647523db2404eb4b86a4af860

  • SHA1

    78afce8a2b9a7ef2c144cd235854929e42eda05a

  • SHA256

    0299c7827839088c2975c7bf455b844354e7abfdf158f2bed930998396ece207

  • SHA512

    898c7be16fa534f65ca8143bb0afd2c6a67fd5bfe6eacdf274ab5475e6214bb0ac3ec296324de62b78d76162b6f51aa0a69169ac2a0974963934992bcecbf308

  • SSDEEP

    6144:VjluQoSiIo5RuUaZdcqs2S38Q/oVbOnLIkz+lRJqwcJUCO:VEQoSmSUGdUp3d/rnLRaqDW

Malware Config

Targets

    • Target

      7676224647523db2404eb4b86a4af860_NeikiAnalytics

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
